As organisations rapidly adopt AI agents — from Copilot-style assistants to autonomous workflows — many are deploying them faster than they can govern them. The result is agent sprawl: over-privileged, poorly understood AI agents operating without clear ownership, lifecycle controls, or security oversight.

In this session, we explore why AI agents introduce security challenges that traditional application and user identity models don’t fully address. We’ll examine real enterprise scenarios involving assistive agents, autonomous agents, and agent users, and highlight risks such as permission creep, prompt injection, and lack of auditability.

The session then shows how Microsoft Entra extends identity, conditional access, governance, and Zero Trust principles to AI agents, helping organisations regain visibility and control before agent sprawl becomes the next shadow IT problem.

Attendees will leave with a practical understanding of how to think about AI agent security today — even as the technology continues to evolve.