Cyber Intelligence
AI Security

26 articles in this category

AI Security · 18 min read · Jun 25, 2026

Microsoft Copilot for Security: Six Months In, What Actually Works

Your SOC team activated Copilot for Security six months ago expecting AI-driven incident response. Some capabilities delivered real analyst time savings. Others produced confident-sounding summaries that were factually wrong. This review covers what Copilot actually accelerates in production SOC workflows, what still requires heavy prompt engineering, and where the token economics make it hard to justify at scale.

Microsoft Copilot for Security · SOC · Sentinel

AI Security · 18 min read · Jun 23, 2026

Secure AI Supply Chain: Verifying Models Before Deploying to Azure AI Foundry

A data scientist pulled a community model from the Foundry catalog and deployed it to a production hub. The model contained a pickle deserialization payload that executed under the hub managed identity, giving the attacker access to Key Vault and connected storage. This guide covers model provenance verification, automated scanning pipelines, registry hardening, and the Azure Policy controls that prevent untrusted models from reaching production compute.

AI Supply Chain · Azure AI Foundry · Model Security

AI Security · 19 min read · Jun 23, 2026

OWASP LLM Top 10 2025: What Changed and What It Means for Azure AI Deployments

The OWASP LLM Top 10 2025 revision reshuffled the risk landscape: prompt injection dropped to second place, unbounded consumption is new, and system prompt leakage got its own category. If you run Azure OpenAI or AI Foundry workloads, every change maps to specific controls you either have or are missing. This guide breaks down each updated risk with Azure-native mitigations, detection queries, and the controls that actually close the gaps.

OWASP LLM Top 10 · Azure AI Security · Prompt Injection

AI Security · 17 min read · Jun 18, 2026

Prompt Injection in Enterprise AI Copilots: Detection and Prevention

An attacker embedded a hidden instruction in a SharePoint document, and M365 Copilot followed it during a summarization request, exfiltrating internal project names to an external URL. Prompt injection is the top attack vector against enterprise copilots, and most organizations have no detection in place. This guide covers the attack taxonomy, Azure AI Content Safety prompt shields, Defender for Cloud Apps policies, and the KQL queries that catch injection attempts in audit logs.

Prompt Injection · AI Security · M365 Copilot

AI Security · 18 min read · May 21, 2026

Azure AI Foundry Evaluation Security: Adversarial Testing and Red Team Workflows

Content filters and manual review will not catch indirect prompt injection via poisoned RAG documents or multi-turn jailbreak escalation. This guide covers the full operational red team workflow for Azure AI Foundry: PyRIT setup, orchestrator-driven attack campaigns, Azure AI Evaluation SDK safety gates, CI/CD integration, and KQL detection for production probing.

Azure AI Foundry · Red Team · PyRIT

AI Security · 17 min read · May 19, 2026

Microsoft Purview for AI Governance: Classifying and Protecting AI Training Data

AI training pipelines bypass traditional DLP controls because they access data as bulk blob reads, not document downloads. This guide shows how to configure Microsoft Purview specifically for AI data scenarios: scanning training datasets, designing a label taxonomy for AI use cases, enforcing DLP policies against AI pipelines, and integrating with Azure AI Foundry.

Microsoft Purview · AI Governance · Data Classification