AB-6007: Secure and Govern your AI Agent Workforce

AB-6007: Secure and Govern your AI Agent Workforce is a one-day instructor-led course for Microsoft 365 administrators and security professionals who need to discover, secure, govern, monitor, and manage AI agents across the Microsoft 365 environment.

Students learn how Microsoft Agent 365, Microsoft Entra, Microsoft Purview, Microsoft Defender XDR, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, and Microsoft Foundry help organizations apply governance, access control, data protection, and threat monitoring to AI agent adoption.

Course: AB-6007: Secure and Govern your AI agent workforce
Duration: 1 day
Level: Intermediate
Audience: Microsoft 365 administrators, identity administrators, security administrators, compliance administrators, cloud administrators, platform administrators, governance teams, and IT professionals responsible for AI agent administration.

Why choose Dynamics Edge for AB-6007 training?

Dynamics Edge delivers AB-6007 training with practical Microsoft 365 administration, security, compliance, and AI governance examples. The course helps administrators understand how to manage AI agents as a new workforce layer that requires discovery, identity controls, data protection, monitoring, and policy enforcement.

• Learn how to discover, inventory, and govern AI agents in Microsoft 365.
• Understand how Microsoft Agent 365 supports agent administration and lifecycle management.
• Apply Microsoft Entra identity controls, Conditional Access, and access governance to AI agents.
• Use Microsoft Purview and Microsoft Defender technologies to protect sensitive data and monitor AI-related risks.
• Request private team delivery for AI governance readiness, Copilot administration, agent security, Microsoft 365 security operations, or responsible AI rollout.

What will you learn in AB-6007 training?

Students learn how to administer and secure an AI agent workforce using Microsoft 365 security, compliance, identity, and governance tools. The course emphasizes practical governance of AI agents, data protection, identity risk management, runtime protection, threat monitoring, and operational control.

• Discover and inventory AI agents operating across Microsoft 365.
• Govern agents with Microsoft Agent 365 and enforce lifecycle controls.
• Secure agent identities using Microsoft Entra Agent ID, Conditional Access, and access governance.
• Protect sensitive data with Microsoft Purview Data Security Posture Management for AI.
• Monitor and investigate agent risks using Microsoft Defender XDR, Defender for Cloud Apps, Defender for Cloud, and security alerts.

Secure and Govern your AI Agent Workforce AB-6007 Course Outline

Module 1: Introduce AI agent governance in Microsoft 365

Students learn why AI agents require governance, security, monitoring, and operational oversight. The module introduces the AI agent workforce concept and explains how administrators can manage agents across Microsoft 365.

Topics include:

• Describe the AI agent workforce.
• Explain why AI agents require governance.
• Identify administrator responsibilities for AI agents.
• Review common AI agent risks.
• Understand the Microsoft 365 agent governance model.

Module 2: Discover and inventory AI agents

Students learn how to identify agents operating in the Microsoft 365 environment. The module covers agent discovery, inventory, ownership, registration, metadata, and lifecycle visibility.

Topics include:

• Discover agents in Microsoft 365.
• Review agent inventory and metadata.
• Identify agent owners and business purpose.
• Track agent lifecycle status.
• Prepare agents for governance review.

Module 3: Manage agents using Microsoft Agent 365

Students learn how Microsoft Agent 365 supports agent administration and governance. The module covers enabling the Agent 365 management experience, registering agents, applying controls, and monitoring agent activity.

Topics include:

• Enable the Agent 365 management interface.
• Register AI agents.
• Apply governance controls to agents.
• Monitor agent activity and usage.
• Enforce organizational AI governance policies.

Module 4: Secure agent identities with Microsoft Entra

Students learn how AI agents authenticate and how agent identities should be protected. The module introduces Microsoft Entra Agent ID, Conditional Access, identity lifecycle controls, and least-privilege access.

Topics include:

• Identify AI agent identities.
• Apply Conditional Access controls.
• Manage the agent identity lifecycle.
• Reduce over-privileged agent access.
• Review authentication and authorization risk.

Module 5: Analyze AI identity risks with Microsoft Defender XDR

Students learn how Microsoft Defender XDR helps security teams investigate AI identity risks. The module covers agent discovery, blast radius analysis, attack paths, identity risk investigation, and remediation.

Topics include:

• Discover AI agents in Microsoft Defender XDR.
• Analyze agent identity blast radius.
• Review AI agent attack paths.
• Investigate risky agent access.
• Remediate identity exposure.

Module 6: Protect sensitive data used by AI agents

Students learn how Microsoft Purview helps protect sensitive data used by AI agents and Copilot experiences. The module covers DSPM for AI, oversharing, sensitive content exposure, SharePoint risk, and AI interaction risk.

Topics include:

• Use Microsoft Purview DSPM for AI.
• Identify sensitive data used by AI tools.
• Review overexposed SharePoint content.
• Analyze Copilot and AI app interaction risks.
• Reduce sensitive data exposure.

Module 7: Configure runtime protection for Copilot Studio agents

Students learn how runtime protection helps monitor and protect Copilot Studio agents. The module covers Microsoft Defender for Cloud Apps, Defender portal configuration, Power Platform coordination, alerts, inventory, and Advanced Hunting.

Topics include:

• Configure runtime protection for Copilot Studio agents.
• Enable AI protection in Microsoft Defender.
• Coordinate App ID configuration with Power Platform admins.
• Review agent alerts and inventory.
• Validate Advanced Hunting data.

Module 8: Secure AI model traffic and guardrails

Students learn how to secure AI model traffic and apply guardrails to AI workloads. The module covers AI Gateway in Microsoft Foundry, access restrictions, model traffic monitoring, content filters, safety controls, blocklists, and guardrail validation.

Topics include:

• Configure AI Gateway security.
• Apply access restrictions to AI model traffic.
• Monitor AI model usage.
• Configure Microsoft Foundry guardrails.
• Test content filters and safety controls.

Module 9: Monitor AI workload security with Defender for Cloud

Students learn how Microsoft Defender for Cloud helps secure AI workloads. The module covers AI workload protection, posture management, runtime threat detection, Data & AI security dashboards, and Defender XDR integration.

Topics include:

• Enable AI workload protection.
• Review AI security posture.
• Use the Data & AI security dashboard.
• Detect runtime threats.
• Investigate AI incidents in Defender XDR.

Module 10: Operationalize AI agent governance

Students learn how to turn AI agent governance into an ongoing operating model. The module covers governance roles, policy review, monitoring, reporting, incident response, remediation, and continuous improvement.

Topics include:

• Define AI agent governance roles.
• Establish agent review and approval workflows.
• Monitor usage, risk, and policy compliance.
• Respond to AI agent security incidents.
• Improve governance with recurring review cycles.

Hands-on labs

The AB-6007 labs support hands-on practice for Microsoft 365 administrators, identity administrators, security administrators, and compliance administrators. This single consolidated lab list is based on the most important Microsoft Learn topics and practical agent governance tasks from the AB-6007 course area.

• Lab 1: Discover and inventory AI agents in the Microsoft 365 environment.
• Lab 2: Enable and review the Microsoft Agent 365 management interface.
• Lab 3: Register agents and review agent metadata, ownership, purpose, and lifecycle status.
• Lab 4: Apply governance controls and access policies to AI agents.
• Lab 5: Secure agent identities using Microsoft Entra Agent ID and Conditional Access.
• Lab 6: Analyze AI identity blast radius and attack paths using Microsoft Defender XDR.
• Lab 7: Use Microsoft Purview DSPM for AI to identify sensitive data risks, oversharing, and AI interaction risks.
• Lab 8: Configure real-time runtime protection for Copilot Studio agents using Microsoft Defender for Cloud Apps.
• Lab 9: Configure AI Gateway security and Microsoft Foundry guardrails for safer AI workload access.
• Lab 10: Monitor AI agent activity, alerts, incidents, and governance compliance using Microsoft Defender and Microsoft Agent 365.

Course review

Students should leave the course able to explain how Microsoft 365 administrators can discover, secure, govern, monitor, and manage AI agents. The course review should reinforce Microsoft Agent 365, Microsoft Entra Agent ID, Conditional Access, Microsoft Purview DSPM for AI, Microsoft Defender XDR, Defender for Cloud Apps, Microsoft Foundry guardrails, AI Gateway security, Defender for Cloud, agent inventory, sensitive data risk, runtime protection, incident investigation, and governance reporting.

Skills alignment

AB-6007 supports practical readiness for administrators and security teams responsible for governing AI agents in Microsoft 365. The course helps students understand how to treat AI agents as managed digital workers that require identity controls, data protection, threat monitoring, lifecycle governance, and ongoing compliance oversight.