Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser.
The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time to include other genAI, email, collaboration, and social media apps.
“With the new inline protection capability for Edge for Business, you can prevent data leakage across the various ways that users interact with sensitive data in the browser, including typing of text directly into a web application or generative AI prompt,” the tech giant said.
The Microsoft Purview browser data loss prevention (DLP) controls come as the company announced the General Availability of collaboration security for Microsoft Teams in an effort to tackle phishing attacks against users of the enterprise communication app.
In recent months, threat actors such as Storm-1674 and Storm-1811 have leveraged Microsoft Teams as a conduit to trick unsuspecting users into downloading malicious software or granting them remote access for subsequent ransomware deployment.
The latest set of features offers new controls that enable an organization’s security team to dictate which tenants, domains, and
users can communicate with their employees, better protection against malicious links or attachments in real-time, and improved ways to report suspicious messages to admins.
“Suspicious files and URLs are automatically executed in a secure, isolated environment — a sandbox — to determine if they exhibit any malicious behavior,” Microsoft said. “This process, known as real-time detonation, ensures that harmful content is identified and neutralized before end-users can access it.”
Coinciding with these announcements, Redmond said it’s expanding Security Copilot with 11 new agentic solutions, five of which come from outside partners, to analyze data breaches, prioritize critical alerts, perform root cause analysis, and improve compliance.
The Microsoft-developed Security Copilot agents, to be available for preview next month, will triage phishing alerts, data loss prevention and insider risk notifications, monitors for vulnerabilities and remediation, and curate threat intelligence based on an organization’s threat exposure.
“The relentless pace and complexity of cyber attacks have surpassed human capacity and establishing AI agents is a necessity for modern security,” Vasu Jakkal, corporate vice president at Microsoft Security, said.
“The volume of these attacks overwhelms security teams relying on manual processes and fragmented defenses, making it difficult to both triage malicious messages promptly and leverage data-driven insights for broader cyber risk management.”
“The phishing triage agent in Security Copilot being unveiled today can handle routine phishing alerts and attacks, freeing up human defenders to focus on more complex threats and proactive security measures.”
