A Quick Review of Microsoft Security Copilot's Microsoft Entra Conditional Access Optimization Agent

I had the chance to try out the Microsoft Entra Conditional Access optimization agent in Microsoft Security Copilot. Here’s a brief summary of my experience.

Heads Up

This blog post is based on information as of June 21, 2025. It also covers a feature in Limited Public Preview, so availability may vary depending on your tenant. Additionally, if you are using Security Copilot for temporary testing rather than continuous use, remember to delete the Security Compute Unit (SCU) capacity resource afterwards to avoid unnecessary costs.

Summary

  • In large enterprises, Conditional Access policies often grow in number and complexity with each M&A or organizational change, making manual management nearly impossible. This can create unintended security holes.
  • The "Conditional Access optimization agent" uses AI to continuously review Conditional Access, automatically detecting policy "gaps" (like users unprotected by MFA) and "overlaps," then providing administrators with concrete recommendations for improvement.
  • While its analytical perspectives are currently limited, I feel this is a very promising first step toward preventing person-dependent policy management and achieving more autonomous, advanced security operations as its capabilities expand.

The Labyrinth of Enterprise Conditional Access

Microsoft Entra Conditional Access is a cornerstone of security and access control. However, as organizations grow, their policies often proliferate and turn into a chaotic maze. This is especially true for large corporate groups sharing a single Microsoft 365 tenant. Policies created for individual projects, temporary needs, or different teams are often left behind without being cleaned up after they have served their purpose.

While this is less of an issue in companies with a few dozen employees, enterprises can have policies numbering close to the service limit of 195 per tenant [1], leading to redundancy, conflicts, and numerous security gaps. Many administrators rely on manual audits using PowerShell scripts and Excel spreadsheets, but this is a time-consuming and arduous task, especially when many stakeholders are involved.

Can the Conditional Access Optimization Agent Help?

In response to these serious challenges, Microsoft introduced the "Microsoft Security Copilot Conditional Access optimization agent" [2] in 2025. Microsoft Security Copilot [3], announced in 2023, is a generative AI-based security assistance tool. Microsoft has further evolved this Copilot by introducing Security Copilot Agents that automate specific tasks.

Microsoft Security Copilot Agents overview slide

Source: Microsoft unveils Microsoft Security Copilot agents and new protections for AI

Unlike the traditional, prompt-driven Security Copilot, the Microsoft Security Copilot Agent allows Copilot to autonomously handle tasks in specific areas in the background. Microsoft has announced several other agents, such as the "Phishing triage agent for Defender," which specializes in responding to phishing emails, and the "Alert triage agent for Purview," which assesses the severity of data loss prevention alerts.

Trying It Out

To use this feature, you need a Microsoft Entra ID P1 license or higher, as well as a Microsoft Security Copilot license, which is purchased as Security Compute Units (SCUs) in Azure. First, you deploy the SCUs in Azure. After that, the agent screen appears in the Microsoft Entra admin center.


Since this is currently a Limited Public Preview, it's not available in all tenants. If you don't see the agent, you may have to wait for it to be rolled out to your tenant.

Once enabled, the agent automatically scans your Conditional Access policies every 24 hours. It evaluates them for "protection gaps," such as users or applications where Multi-Factor Authentication (MFA) is not applied.


When an issue is found, it's listed on the Copilot home screen. Clicking on a suggestion provides a specific improvement plan, such as, "These users are not protected by MFA. Do you want to create a new policy to target them?" You can then create a new policy in report-only mode with a single click.

List of suggestions

Policy recommendation from the agent

Here, the agent recommends a policy to enforce MFA when a sign-in is determined to be high-risk.

Despite the "agent" name, the Security Copilot Agent won't automatically modify existing policies or enable new ones without approval. It follows a "human-in-the-loop" design that relies on administrator review and confirmation.

So, What Was It Like?

The User Experience (Flow) is Excellent

The entire process, from enabling the agent to receiving suggestions and creating a policy, is incredibly smooth. Administrators don't need to perform complex operations; they simply review and evaluate the AI's proposals. After review, the policy is created with just a click.


This example is a bit hard to see, but it's pointing out that an account named "test" is not covered by a policy requiring strong authentication methods.

I was also impressed that the suggested policy is first created in "Report-only" mode. This provides a safe buffer to evaluate who will be affected by the new policy and how (by checking the sign-in logs) before it impacts any actual users. This peace of mind is crucial for enterprise administrators who are cautious about making changes to a production environment.
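As an added example that is not part of the original post and not Microsoft's code, here is one way to read that report-only evidence out of the sign-in logs instead of eyeballing them in the portal. It works on records in the Microsoft Graph signIn shape, where each record carries an appliedConditionalAccessPolicies array whose result field says what a report-only policy would have done to that sign-in. The five records and the policy name are constructed; in a real tenant the records come from GET /auditLogs/signIns or the SigninLogs table, and the name is whatever the agent created.

```python
"""Summarise what a report-only Conditional Access policy would have done,
from sign-in records in the Microsoft Graph signIn shape.

Added example for this post (not Microsoft's code). The records below are
constructed; the policy name is assumed.
"""
from collections import Counter, defaultdict

PILOT_POLICY = "CA003 Require MFA for all users (pilot)"   # assumed name

# Constructed sign-in records (only the fields used here)
SIGNINS = [
    {"userPrincipalName": "alice@contoso.example", "appDisplayName": "Office 365 SharePoint Online",
     "appliedConditionalAccessPolicies": [
         {"displayName": "CA001 Require MFA for staff", "result": "success"},
         {"displayName": PILOT_POLICY, "result": "reportOnlySuccess"}]},
    {"userPrincipalName": "test@contoso.example", "appDisplayName": "Microsoft Teams",
     "appliedConditionalAccessPolicies": [{"displayName": PILOT_POLICY, "result": "reportOnlyInterrupted"}]},
    {"userPrincipalName": "svc-backup@contoso.example", "appDisplayName": "Exchange Online PowerShell",
     "appliedConditionalAccessPolicies": [{"displayName": PILOT_POLICY, "result": "reportOnlyFailure"}]},
    {"userPrincipalName": "bob@contoso.example", "appDisplayName": "Azure portal",
     "appliedConditionalAccessPolicies": [{"displayName": PILOT_POLICY, "result": "reportOnlyInterrupted"}]},
    {"userPrincipalName": "guest@fabrikam.example", "appDisplayName": "Microsoft Teams",
     "appliedConditionalAccessPolicies": [{"displayName": PILOT_POLICY, "result": "reportOnlyNotApplied"}]},
]

# Meaning of the report-only values of appliedConditionalAccessPolicies[].result
MEANING = {
    "reportOnlySuccess": "conditions matched and the user already satisfied the controls",
    "reportOnlyInterrupted": "user would have been prompted (e.g. for MFA) once enforced",
    "reportOnlyFailure": "conditions matched but the controls could not be satisfied: sign-in would fail",
    "reportOnlyNotApplied": "policy conditions did not match this sign-in",
}


def report_only_impact(signins, policy_name):
    """Return (counts per result, {result: sorted (user, app) pairs}) for one policy."""
    counts = Counter()
    affected = defaultdict(set)
    for s in signins:
        for applied in s.get("appliedConditionalAccessPolicies") or []:
            if applied.get("displayName") != policy_name:
                continue
            result = applied.get("result", "unknown")
            counts[result] += 1
            affected[result].add((s["userPrincipalName"], s["appDisplayName"]))
    return counts, {r: sorted(v) for r, v in affected.items()}


def would_be_blocked(signins, policy_name):
    """Users whose sign-ins would fail outright once the policy is enforced."""
    _, affected = report_only_impact(signins, policy_name)
    return sorted({user for user, _ in affected.get("reportOnlyFailure", [])})


if __name__ == "__main__":
    counts, affected = report_only_impact(SIGNINS, PILOT_POLICY)
    for result, n in counts.most_common():
        print(f"{result:22} {n:3}  {MEANING.get(result, '')}")
    for user, app in affected.get("reportOnlyInterrupted", []) + affected.get("reportOnlyFailure", []):
        print(f"  review before enforcing: {user} -> {app}")
    print("Would be blocked:", would_be_blocked(SIGNINS, PILOT_POLICY))
```

The distinction worth watching is reportOnlyInterrupted versus reportOnlyFailure: the first is a user who will simply get an MFA prompt, the second is a sign-in (here a service account on a client that cannot do MFA) that will start failing the moment the policy is switched on, which is exactly the case to resolve before leaving report-only mode.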

Review Scope and Suggestions Are "Currently" Limited

On the other hand, the agent's current capabilities are still limited. At present, it primarily detects users created within the last 24 hours who lack basic protections like MFA or compliant devices, and it can review policy overlaps. More advanced, context-aware analysis—like asking, "The Conditional Access settings for our executives' mobile devices are different, why is that? Here's another way to do it, should we reconsider?"—is not yet possible.
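To make the "gap" and "overlap" checks concrete, here is an added example (mine, not Microsoft's code and not the agent's own logic) that runs the same two basic checks offline over policies in the Microsoft Graph conditionalAccessPolicy JSON shape: which users have no enforced policy requiring MFA, an authentication strength or a compliant device for all cloud apps, and which enforced policies are redundant with a broader one that demands the same controls. The users, groups and policies are constructed sample data; in a real tenant you would export the policies with Get-MgIdentityConditionalAccessPolicy (or GET /identity/conditionalAccess/policies) and the group memberships from the directory. It also carries the report-only caveat from above: a report-only policy protects nobody until it is switched on, so it contributes no coverage unless you explicitly ask "what if".

```python
"""Offline gap/overlap check for Conditional Access policies.

Added example for this post. It is not Microsoft's code and not the agent's
logic; it re-implements the two basic checks over policies in the Graph
conditionalAccessPolicy JSON shape. All users, groups and policies below are
constructed sample data.
"""
from itertools import combinations

# Constructed directory: user id -> (UPN, set of group ids the user is in)
USERS = {
    "u-alice": ("alice@contoso.example", {"g-staff"}),
    "u-bob":   ("bob@contoso.example", {"g-staff", "g-exec"}),
    "u-test":  ("test@contoso.example", set()),               # new account, no groups
    "u-svc":   ("svc-backup@contoso.example", {"g-staff"}),   # explicitly excluded below
}

# Constructed policies (only the fields the checks need, in Graph shape)
ALL_APPS = {"includeApplications": ["All"], "excludeApplications": []}
POLICIES = [
    {"id": "p1", "displayName": "CA001 Require MFA for staff", "state": "enabled",
     "conditions": {"users": {"includeUsers": [], "excludeUsers": ["u-svc"],
                              "includeGroups": ["g-staff"], "excludeGroups": []},
                    "applications": ALL_APPS},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"], "authenticationStrength": None}},
    {"id": "p2", "displayName": "CA002 Require MFA for executives", "state": "enabled",
     "conditions": {"users": {"includeUsers": [], "excludeUsers": [],
                              "includeGroups": ["g-exec"], "excludeGroups": []},
                    "applications": ALL_APPS},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"], "authenticationStrength": None}},
    {"id": "p3", "displayName": "CA003 Require MFA for all users (pilot)",
     "state": "enabledForReportingButNotEnforced",            # report-only: protects nobody yet
     "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": [],
                              "includeGroups": [], "excludeGroups": []},
                    "applications": ALL_APPS},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"], "authenticationStrength": None}},
    {"id": "p4", "displayName": "CA004 Block legacy authentication", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": [],
                              "includeGroups": [], "excludeGroups": []},
                    "applications": ALL_APPS},
     "grantControls": {"operator": "OR", "builtInControls": ["block"], "authenticationStrength": None}},
]

# Grant controls that count as a baseline protection for this check.
PROTECTIVE_CONTROLS = {"mfa", "compliantDevice"}


def protective_controls(policy):
    """Protective controls a policy demands (empty for e.g. a block-only policy)."""
    grant = policy.get("grantControls") or {}
    controls = set(grant.get("builtInControls") or []) & PROTECTIVE_CONTROLS
    if grant.get("authenticationStrength"):
        controls.add("authenticationStrength")
    return frozenset(controls)


def user_in_scope(policy, user_id, groups):
    """Apply the include/exclude rules for users and groups; an exclude always wins."""
    cond = policy["conditions"]["users"]
    if user_id in set(cond.get("excludeUsers") or []) or groups & set(cond.get("excludeGroups") or []):
        return False
    inc_users = set(cond.get("includeUsers") or [])
    return "All" in inc_users or user_id in inc_users or bool(groups & set(cond.get("includeGroups") or []))


def covers_all_apps(policy):
    apps = policy["conditions"]["applications"]
    return "All" in (apps.get("includeApplications") or []) and not apps.get("excludeApplications")


def coverage(policy, users, count_report_only=False):
    """User ids the policy protects for all cloud apps. Report-only policies enforce
    nothing, so they add no coverage unless the caller asks for a what-if view."""
    enforced = policy["state"] == "enabled" or (
        count_report_only and policy["state"] == "enabledForReportingButNotEnforced")
    if not enforced or not protective_controls(policy) or not covers_all_apps(policy):
        return frozenset()
    return frozenset(uid for uid, (_, groups) in users.items() if user_in_scope(policy, uid, groups))


def find_gaps(policies, users, count_report_only=False):
    """Users no enforced policy protects: the 'protection gap' the agent reports."""
    covered = set().union(*(coverage(p, users, count_report_only) for p in policies))
    return sorted(uid for uid in users if uid not in covered)


def find_redundant(policies, users):
    """Pairs (narrower, broader) of enforced policies demanding identical protective
    controls, where the narrower one's coverage lies entirely inside the broader one's."""
    cov = {p["id"]: coverage(p, users) for p in policies}
    ctl = {p["id"]: protective_controls(p) for p in policies}
    pairs = []
    for a, b in combinations([p for p in policies if cov[p["id"]]], 2):
        if ctl[a["id"]] != ctl[b["id"]]:
            continue
        if cov[a["id"]] <= cov[b["id"]]:
            pairs.append((a["displayName"], b["displayName"]))
        elif cov[b["id"]] < cov[a["id"]]:
            pairs.append((b["displayName"], a["displayName"]))
    return pairs


if __name__ == "__main__":
    gaps = find_gaps(POLICIES, USERS)
    print("Unprotected users:", [USERS[u][0] for u in gaps])
    only_pilot = sorted(set(gaps) - set(find_gaps(POLICIES, USERS, count_report_only=True)))
    print("Covered only by report-only policies:", [USERS[u][0] for u in only_pilot])
    for narrow, broad in find_redundant(POLICIES, USERS):
        print(f"Redundant: '{narrow}' is fully covered by '{broad}'")
```

Two design points match what the agent does and what the post complains about: a block policy (CA004) or a per-app policy never closes an MFA gap, so it is ignored when computing coverage, and the excluded service account shows up as a gap even though it sits in the targeted group, which is exactly the kind of exception that accumulates unnoticed. What the script cannot do, any more than the agent currently can, is say whether that exclusion was justified.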

You can supplement its perspective with custom instructions, but if you can write a custom instruction to check for something, it means you could also check for it yourself. A significant part of our expectation for AI is the presentation of perspectives we hadn't considered, so in that respect, it felt slightly underwhelming. The agent feels less like an "all-knowing AI consultant" and more like a "diligent junior auditor who sticks to the basics." However, considering the accuracy of the latest models, I frankly think it could do more, and I look forward to seeing the scope of its reviews expand in the future.

Custom instructions

For this reason, I think it might be less impactful for companies that apply the same uniform policies and strong MFA to all users. However, AI is evolving at a breathtaking pace, so I recommend keeping a close watch on its progress. What seems underwhelming at first can become amazing before you know it.

On-Demand vs. Agent: The Value of Seamless, Continuous Evaluation

The business landscape and Microsoft 365 features are constantly changing. IT departments must keep up with these cumulative changes, making it impossible to guarantee security through periodic audits alone. In this context, I found the agent's ability to review changes every single day to be incredibly valuable. While smaller companies may have simple policies, larger ones can become incredibly complex. Running daily manual checks is prohibitively expensive, but this is where AI shines. Hopefully, the day will come when an agent can review all our M365 policies every day.

Conclusion

While this new feature is still in its early stages with a narrow focus, its true value lies in its future potential. Considering that the latest AI models will likely be applied to it, that potential is immense. I feel this is a crucial first step in elevating policy management from a person-dependent, manual task to an AI-assisted, objective, and continuous process. The trend of Security Copilot moving beyond human-triggered prompts to perform continuous, iterative tasks on its own is a very welcome one.


[1] Microsoft Entra service limits and restrictions
[2] Microsoft Security Copilot agents overview
[3] Microsoft Security Copilot
