What’s new in DefenderXDR? 07/26
June and july has brought more than just high temperatures. While many are looking for ways to stay cool, including myself, Microsoft continues to deliver new Defender updates, with a strong focus on AI security, identity protection, and platform improvements. In this month's roundup, I summarize the most relevant announcements and highlight a few updates that stand out.
My personal Highlights
AI agent runtime protection updates (Preview)
AI agents are rapidly becoming part of daily operations, especially in developer and automation scenarios. What makes this update stand out is that Microsoft is no longer treating AI security as a future problem. The expansion of runtime protection to additional agents such as Codex and GitHub Copilot, combined with support for network-based inspection for agents that don't expose native security hooks, closes an important visibility gap.
From a security perspective, prompt injection is a attack vectors against AI-powered workflows. Having Defender inspect prompts, tool calls, and agent responses before actions are executed provides an additional layer of control that many organizations are currently missing. As AI adoption continues to accelerate, I expect runtime protection for AI agents to become just as important as endpoint protection is today.
Domain Investigation page now generally available
This is one of those features that doesn't receive a lot of attention but can provide nice value in day-to-day operations. Active Directory remains a important target during identity-based attacks.
The new Domain Investigation page brings domain health, sensor coverage, trust relationships, sensitive identities, and security recommendations into a single overview. For administrators and security teams, this makes it easier to understand the overall security posture of a domain and quickly identify areas that require attention.
Particularly in larger or hybrid environments, having a centralized Active Directory security view can reduce investigation time and help prioritize remediation efforts more effectively. For organizations using Defender for Identity, this is a welcome addition that strengthens visibility into one of the most critical parts of the infrastructure.
Defender for Endpoint
-
Status: Preview
Summary
AI agent runtime protection for Microsoft Defender for Endpoint continues to expand coverage for local AI agents and coding assistants. The latest enhancements simplify deployment by removing Beta channel requirements for supported integrations and extend protection to additional AI agents through network-based inspection. This helps organizations protect a broader range of AI-powered tools against prompt injection attacks and high-risk agent actions.Key Details
Impact
Expands AI security coverage while reducing operational complexity. Organizations can protect supported AI agents using standard Defender platform and engine update channels, eliminating the need for Beta channel configurations. The update also extends protection to additional AI agent frameworks that previously lacked runtime inspection capabilities.How it works
Defender inspects key stages of the AI agent workflow, including user prompts, tool execution requests, and tool responses. Runtime protection uses agent-native event inspection for supported agents and network inspection for agents that do not expose vendor-supported event interfaces. Suspicious activity can be audited or blocked before potentially harmful actions are executedEnhancements in this update
Vendor-supported agent event interfaces now work with standard platform and engine update channels, removing the need for Beta channel enrollment.
Agent-native event inspection now supports Codex CLI and the GitHub Copilot app.
Network inspection support has been added for agents without vendor-supported event interfaces, including OpenClaw and similar Node.js-based Claw agents
Important notes
Runtime protection focuses on detecting and blocking prompt injection attacks by inspecting content as it moves through the agent workflow. Microsoft recommends starting in Audit mode before enabling Block mode for active enforcement. Network inspection is not supported for agents using certificate pinning or HTTP/3.Who’s affected
Organizations using local AI agents, coding assistants, AI-powered CLI tools, or autonomous agent platforms. Security teams responsible for protecting AI-enabled endpoints and monitoring emerging AI threats will benefit from the expanded coverage.Required Actions
Review deployed AI agents and evaluate whether newly supported agents should be included in your protection strategy. Validate detections in Audit mode and plan a transition to Block mode where appropriate. Ensure runtime protection is enabled for supported AI workloads.
Learn more:AI agent runtime protection with Microsoft Defender for Endpoint (Preview)
-
Status: Preview
Summary
Microsoft Defender for Endpoint now automatically discovers supported local AI agents running on onboarded devices and surfaces them in the Microsoft Defender portal. This provides security teams with centralized visibility into AI agent usage across the organization, including coding assistants, IDE extensions, desktop AI applications, local AI runtimes, and agent platforms. Discovered agents are available in the AI agent inventory, exposure map, and advanced hunting experiences.Key Details
Impact
Provides visibility into local AI agent adoption across the organization and helps security teams understand where AI-powered tools are being used. The feature enables organizations to identify AI agents running on endpoints, investigate their relationships to users and devices, and assess potential exposure across their environment.How it works
Defender automatically detects supported local AI agents and MCP server configurations on onboarded devices without requiring additional deployment or configuration. Once discovered, agents are surfaced as assets within the Microsoft Defender portal, where security teams can review agent details, associated devices and users, and investigate findings through Advanced Hunting.Key capabilities
Automatic discovery of supported local AI agents on onboarded Windows devices.
Visibility through the AI agent inventory with device and user associations.
Integration with the Exposure Map to visualize relationships between AI agents, devices, identities, and accessible resources.
Advanced Hunting support using KQL for investigation and analysis.
Discovery of supported MCP server configurations associated with local AI agents.
Important notes
Local AI agent discovery provides discovery and investigation capabilities only. It does not currently include security posture assessments, recommendations, or alert generation for endpoint agents. Discovery begins automatically when devices meet the required onboarding and licensing prerequisites.Who’s affected
Organizations adopting AI-powered developer tools, coding assistants, desktop AI applications, or autonomous agent platforms. Security operations and governance teams looking to gain visibility into local AI usage will benefit most from this capability.Required Actions
Review the AI agent inventory after enabling the feature and identify which local AI agents are in use across the organization. Use the exposure map and advanced hunting capabilities to assess potential risks, establish governance processes, and monitor AI agent adoption.
-
Status: Rolling Out
Summary
Microsoft is introducing a new servicing model for Defender for Endpoint on Windows. Going forward, EDR component updates will be delivered separately from the monthly Windows security updates, allowing security improvements to reach devices faster and on a more flexible release cadence.Key Details
Impact
Decoupling EDR updates from the operating system update cycle enables Microsoft to deliver security enhancements independently of Windows patch releases. This approach improves agility while minimizing disruption, as most updates can be applied without requiring a reboot.How it works
Eligible devices will receive EDR updates directly through Microsoft Update. A dedicated Defender update mechanism handles the installation process, bringing EDR servicing in line with other Microsoft Defender components.Rollout schedule
Deployment started with Windows 10 devices in May 2026.
Support for Windows 11 and additional supported Windows versions will follow in phases.
Broad availability across major Windows client platforms is expected by Fall 2026.
Important notes
Defender for Endpoint updates are no longer tied to the monthly Windows security release cycle.
Reboots are generally not expected as part of the update process.
Existing Windows Update and Microsoft Update policies remain the primary method for controlling update deployment.
Organizations using custom update workflows should review how Defender updates are currently distributed.
Who’s affected
Organizations running Microsoft Defender for Endpoint on supported Windows clients and servers, particularly those with managed patching processes, strict change management requirements, or manually deployed update packages.Required Actions
No changes are required for environments that already rely on Microsoft Update.
Organizations with custom packaging or software distribution processes should verify that Defender for Endpoint updates are included in future deployment workflows.
Review operational procedures and update documentation to reflect the new servicing model.
Ensure endpoint management, security, and support teams are aware of the change.
Rollback guidance
If necessary, administrators can revert Defender for Endpoint EDR components to a previously installed version using the Defender command-line utility, providing a recovery option for troubleshooting or compatibility scenariosLearn more: MC1381119
-
Status: General Availability
Summary
Microsoft has introduced additional network endpoints for Defender for Endpoint on Linux. These endpoints are used to deliver service-side configuration changes, phased feature releases, and urgent remediation measures when needed. Organizations should ensure the appropriate URL for their tenant environment is accessible to avoid missing future improvements and operational updates.Key Details
Impact
Linux devices may not receive certain product enhancements, optimizations, or service-driven configuration updates if the required connectivity endpoints are blocked. This change supports Microsoft's ability to respond faster to issues and deliver new capabilities without requiring a full product update.How it works
Defender for Endpoint on Linux now retrieves operational configuration data from dedicated Microsoft service endpoints. These configurations help Microsoft fine-tune product behavior, introduce new capabilities gradually, and react quickly to service-related issues when necessary.What's changing
New tenant-specific service URLs must be reachable from Linux endpoints.
Only the endpoint corresponding to your tenant type needs to be allowlisted.
The new connectivity requirements apply to commercial and government cloud environments.
Important notes
These endpoints are used for product management and feature enablement rather than customer policy changes.
Existing Defender configurations and administrator-defined settings remain under customer control.
Endpoint names may contain references to Skype, Teams, or Office due to shared Microsoft infrastructure and do not indicate a dependency on those services.
End users should not notice any change in day-to-day experience.
Who's affected
Organizations running Microsoft Defender for Endpoint on Linux servers or workstations, particularly those operating behind strict firewalls, proxy services, or outbound network filtering controls.Required Actions
Review outbound network policies for Linux devices.
Verify that the Microsoft endpoint associated with your tenant type is included in existing allowlists.
If the required endpoint is already permitted, no further action is necessary.
Learn more: MC1388718
-
Status: Upcoming Change
Summary
Microsoft is removing SMB signature inspection telemetry from Defender for Endpoint Advanced Hunting to reduce endpoint overhead and streamline network data collection. Organizations that currently rely on SMB-specific signature events should update their hunting queries and detections before the change takes effect to ensure continued visibility into SMB activity.Key Details
Impact
Security teams may see hunting queries, analytics rules, or automated workflows stop returning results if they depend on SMB signature inspection events. Microsoft is retiring this telemetry as part of a broader effort to optimize endpoint performance and focus on higher-value network visibility.How it works
After the rollout, Defender for Endpoint will no longer generate SMB-related network signature inspection events. SMB traffic can still be identified through existing network telemetry by filtering for standard SMB communication over port 445.What's changing
SMB-specific signature inspection events will no longer be available in Advanced Hunting.
Existing queries referencing the retired SMB signature data will stop producing results.
Other network signature inspection events are not affected by this change.
No tenant configuration changes are required, as the update is applied automatically.
Important notes
The rollout is scheduled to begin on July 13, 2026 across all cloud environments.
Microsoft recommends transitioning to port-based SMB detection methods ahead of the rollout.
Organizations using custom detections, scheduled queries, or automation should validate their updated logic before the change is implemented.
This change only affects the retired SMB signature telemetry and does not remove SMB visibility altogether.
Who's affected
Security analysts, threat hunters, and administrators using Advanced Hunting, especially those maintaining custom detections, analytical queries, dashboards, or automated response workflows that reference SMB signature events.Required Actions
Review existing hunting queries and custom detections for SMB signature dependencies.
Replace SMB signature-based logic with queries that identify SMB traffic using network port information.
Test and validate updated queries prior to rollout to avoid interruptions in monitoring and threat hunting activities.
Learn more: MC1330888
Defender for Identity
-
Status: General Availability
Summary
Microsoft has made the Domain Investigation experience in Defender for Identity generally available. The feature provides a centralized view of Active Directory domain security, helping security teams assess domain health, identify security gaps, and investigate risks without switching between multiple tools or administrative consoles.Key Details
Impact
The new experience simplifies Active Directory security assessments by bringing together domain health, security posture, trust relationships, and remediation guidance in a single location. This makes it easier for security teams to understand domain exposure and prioritize improvements.How it works
The Domain Investigation page aggregates information collected by Defender for Identity and presents it through a dedicated domain-centric view. Administrators can review deployment coverage, identity-related risks, security recommendations, and domain configuration details without requiring direct access to domain controllers.Key capabilities
Review overall domain health and sensor deployment coverage.
Analyze identities, service accounts, groups, and sensitive entities within a domain.
View prioritized security recommendations and exposure indicators.
Examine domain trust relationships and Active Directory configuration details.
Access domain-specific alerts and incidents to accelerate investigations.
Important notes
The feature requires Microsoft Defender for Identity licensing.
Users need appropriate permissions, such as Security Reader or higher, to access the domain view.
The page is intended for both proactive security reviews and incident investigations.
Who's affected
Organizations using Active Directory and Microsoft Defender for Identity, particularly identity security teams, SOC analysts, and administrators responsible for securing hybrid identity environments.Required Actions
Familiarize security teams with the new domain-centric investigation experience.
Use the page to review domain health, trust relationships, and active recommendations.
Incorporate the new view into existing identity security assessment and incident response workflows.
Learn more:Investigate an Active Directory domain in Microsoft Defender for Identity.
Defender for Cloud Apps
-
Status: General Availability
Summary
Microsoft is modernizing one of its longstanding threat detections in Defender for Cloud Apps by replacing the static alert for former employees with a dynamic, intelligence-driven detection model. The new detection is designed to improve accuracy, reduce noise, and adapt automatically as attacker techniques evolve.Key Details
Impact
Security teams can expect more reliable identification of suspicious activity associated with deprovisioned accounts. By moving away from fixed detection logic, Microsoft can continuously refine detection quality without requiring customers to manually tune policies.How it works
The legacy alert previously used predefined detection criteria. The new model leverages Microsoft's continuously maintained threat intelligence and detection expertise to identify potentially risky activity from accounts that should no longer be active. As the underlying analytics evolve, detection patterns may change over time.What's changing
The legacy "Activity performed by terminated user" alert is being replaced by "Activity by a deprovisioned user".
The new detection is enabled by default.
Detection logic is maintained by Microsoft and updated automatically.
Security analytics will continuously evolve to improve signal quality and respond to emerging threats.
Important notes
Alert behavior and alert volume may differ from the legacy implementation.
No manual migration or configuration changes are required.
Legacy detections may remain visible during the transition period before being retired.
Organizations should expect ongoing improvements as Microsoft refines the underlying detection model.
Who's affected
Organizations using Microsoft Defender for Cloud Apps threat protection capabilities, particularly SOC analysts, incident responders, and security operations teams that monitor account-related alerts.Required Actions
No immediate action is required.
Review any playbooks, automations, or workflows that reference the legacy alert name.
Inform SOC teams that alert characteristics may change after the rollout.
Monitor detection trends following deployment to establish a new baseline for investigation and reporting.
Learn more: MC1402307
-
Status: Retirement Notice
Summary
Microsoft is continuing the consolidation of data protection capabilities into Microsoft Purview. As part of this transition, file policies in Defender for Cloud Apps will be retired on January 6, 2027. Organizations currently using file-based governance, protection, or monitoring policies should begin planning their migration to Microsoft Purview to avoid disruptions after the retirement date.Key Details
Impact
File-centric data protection and governance scenarios will no longer be managed through Defender for Cloud Apps. Moving these capabilities to Microsoft Purview provides a more unified approach to data security, compliance, and information protection across Microsoft 365 services.How it works
Organizations are expected to replace existing Defender for Cloud Apps file policies with equivalent Microsoft Purview capabilities, such as Data Loss Prevention (DLP) policies and auto-labeling policies. Microsoft provides migration guidance to help map existing controls and actions to their Purview counterparts.What's changing
File policies in Defender for Cloud Apps will reach end of support on January 6, 2027.
Future file-based protection scenarios should be implemented in Microsoft Purview.
Microsoft recommends reviewing current policies well in advance of the retirement date.
Migration guidance includes policy mapping, governance actions, and known feature differences.
Important notes
Not every Defender for Cloud Apps file policy capability has a direct one-to-one equivalent in Microsoft Purview.
Organizations should assess potential feature gaps during migration planning.
Existing policies will require recreation rather than automatic migration.
Early planning is recommended to avoid last-minute changes and testing efforts.
Who's affected
Organizations using Defender for Cloud Apps file policies to monitor, classify, protect, or govern files stored in connected cloud applications.Required Actions
Inventory existing Defender for Cloud Apps file policies.
Identify equivalent Microsoft Purview DLP or auto-labeling policies.
Validate policy behavior and governance workflows before retirement.
Complete migration activities prior to January 6, 2027.
Learn more: Migrate file policies to Microsoft Purview - Microsoft Defender for Cloud Apps | Microsoft Learn
Defender for Office365
-
Status: General Availability
Summary
Microsoft Defender for Office 365 is improving the user experience for reported message notifications by automatically matching notification emails to a user's Outlook language preference. This change applies to the default notification template and helps users better understand the outcome of message reviews without requiring organizations to maintain multilingual templates.Key Details
Impact
Users will receive review notifications in their preferred language, making security communications easier to understand and improving engagement with user reporting workflows.How it works
When administrators use the default "Mark and notify" template, Defender automatically selects the appropriate language based on the recipient's Outlook settings. The feature is enabled automatically as part of existing user reporting notification workflows.What's changing
Default notification emails will be translated into supported languages.
Language selection is based on each user's Outlook language preference.
Formatting and messaging remain consistent across all supported languages.
Existing reporting and notification processes continue to work without modification.
Important notes
The change only applies to Microsoft's built-in notification template.
Custom notification templates configured by administrators are not affected.
Message verdicts, investigation outcomes, and reporting workflows remain unchanged.
No impact on automated investigation and response capabilities.
Who's affected
Organizations using Microsoft Defender for Office 365 user-reported message workflows, particularly those with multilingual user populations.Required Actions
No action is required. However, organizations may want to update internal documentation and inform support teams that notification emails can now appear in the user's preferred language.
Learn more:MC1387578
DefenderXDR
-
Status: General Availability
Summary
Microsoft Defender now provides dedicated security capabilities for AI agents licensed through Microsoft Agent 365. Organizations can gain visibility into deployed AI agents, assess their security posture, investigate suspicious activity, and apply real-time protections to help secure AI-powered workloads across the environment.Key Details
Impact
Brings AI agents into the broader Microsoft Defender security ecosystem, enabling security teams to monitor and protect agent-based workloads alongside traditional users, devices, identities, and applications.How it works
After onboarding, Microsoft Defender collects AI-related security signals and connects to supported Microsoft services to provide visibility, posture assessment, threat detection, investigation capabilities, and runtime protection for AI agents.Key capabilities
Discovery of AI agents deployed across the tenant.
Security posture assessment to identify potential risks and misconfigurations.
Threat detection and investigation capabilities for AI-related security events.
Real-time protection for supported AI agents, including Copilot Studio agents.
Integration with the Microsoft Defender XDR experience for centralized monitoring.
Important notes
A Microsoft Agent 365 license is required.
Initial setup includes enabling data collection and connecting the required Microsoft services.
Organizations using Copilot Studio can extend protection to AI agents created and managed within that platform.
Who's affected
Organizations adopting Microsoft Agent 365, Microsoft Copilot, or Copilot Studio-based AI solutions, as well as security teams responsible for governing and securing AI workloads.Required Actions
Review whether Microsoft Agent 365 and AI agent workloads are currently in use within the organization.
Enable the required Defender integrations and data collection settings.
Connect Microsoft 365 and Copilot Studio environments where applicable.
Incorporate AI agents into existing security monitoring and governance processes.

