Security for AI agents starts before the first line of code. The first decision — where your agent stores its conversation history and uploaded files — is already a security decision.

Choosing between single-tenant and multi-tenant infrastructure determines your data residency, your compliance boundaries, and how much control you retain over what your agents know and remember.

This session builds from that foundation outward. You will understand what single-tenant agent setup actually requires, why multi-tenant is the faster path but not always the right one, and how to make that call for enterprise environments.

From there, the session moves into runtime threats. You will learn how Foundry's built-in guardrails protect against jailbreaking and prompt injection at the model level — and why that is not enough on its own. APIM adds a second, independent defence layer at the API gateway, enforcing content safety, rate limits, and governance before requests ever reach your agent. Two layers, two different threat surfaces, one coherent security architecture.