The landscape of enterprise AI security is undergoing a significant transformation as Zenity, a leader in application security for generative AI, announces the general availability of its inline prevention platform for Microsoft Copilot Studio and its entry into preview for Microsoft Foundry. This strategic expansion represents a critical escalation in runtime enforcement capabilities, directly addressing the unique security and governance challenges posed by agentic AI systems built on Microsoft's powerful low-code platforms. By integrating security directly into the runtime environment of AI agents and automations, Zenity is positioning itself as an essential guardian for organizations rapidly adopting Microsoft's AI ecosystem, ensuring that innovation does not come at the expense of compliance or data integrity.
The Core Challenge: Securing Agentic AI at Runtime
Agentic AI, characterized by systems that can autonomously perform tasks, make decisions, and interact with other software and data sources, introduces a new paradigm of risk. Unlike traditional static applications, AI agents built in Copilot Studio or workflows orchestrated in Foundry are dynamic, context-aware, and often have broad permissions to access enterprise systems. Recent security analyses confirm that the primary concerns with these platforms are prompt injection attacks, data leakage, unauthorized actions, and non-compliance with internal policies or regulations during execution. Standard pre-deployment security scans are insufficient because many threats only materialize when the AI interacts with live data and user inputs in unpredictable ways. Zenity's solution, as detailed in their official documentation and corroborated by industry reports, operates on a principle of continuous runtime governance. It monitors and can actively intervene in the execution of AI agents to prevent policy violations as they happen, not just flag them afterward.
Deep Dive: Inline Prevention for Microsoft Copilot Studio
Microsoft Copilot Studio is Microsoft's tool for building custom copilots and conversational AI agents, often integrated with Microsoft 365, Dynamics 365, and custom data sources. With Zenity's platform now generally available for it, organizations gain a layer of defense woven directly into the agent's operation. Technically, the platform works by intercepting and analyzing the inputs (user prompts) and outputs (agent responses and actions) in real time. According to Zenity's published architecture, it uses a combination of predefined security policies and machine learning models to detect anomalies. For instance, if a user's prompt contains a crafted injection designed to make the copilot reveal sensitive data from a connected SharePoint site, Zenity's inline engine can block that specific query from being processed or sanitize the output before it's returned to the user. This prevents the exploit at the moment of attempt, a capability far more robust than post-incident logging.
Community discussions on developer forums highlight real-world anxieties that this technology addresses. Developers building copilots express concern over "scope creep"—where a well-intentioned agent, due to ambiguous prompting, might overreach its permissions. Others worry about the agent inadvertently performing actions in connected systems, like sending an email or updating a CRM record, based on a malicious or poorly formulated user request. Zenity's runtime enforcement acts as a final, intelligent gatekeeper, ensuring every action aligns with governance rules before it's executed.
Preview for Microsoft Foundry: Securing the AI Orchestration Layer
The extension of Zenity's preview to Microsoft Foundry is perhaps an even more strategic move. Foundry, as part of Microsoft's Fabric platform, is an integrated development environment for building, deploying, and managing data and AI solutions at scale. It's where complex, multi-step AI workflows and data pipelines are created. Securing this orchestration layer is paramount because a vulnerability here could compromise entire data estates. The preview offering suggests Zenity can apply similar inline prevention to the workflows and automations built within Foundry. This could mean preventing a data pipeline from accessing a restricted database, blocking an AI model from using unapproved training data, or stopping an automation from executing a risky sequence of API calls.
Industry analysis from sources like CSO Online and DarkReading indicates that securing AI workflows is a top priority for CISOs in 2024. The ability to enforce data lineage rules, ensure ethical AI model usage, and maintain audit trails of all AI-driven actions within a platform like Foundry is no longer a luxury but a compliance necessity, especially in regulated industries like finance and healthcare.
How Inline Prevention Works: The Technical Mechanism
Based on Zenity's technical disclosures and cross-referenced with general application security principles, the inline prevention platform likely employs an interceptor or proxy architecture. When an AI agent built in Copilot Studio is invoked, its traffic is routed through Zenity's security layer. This layer applies a set of enforceable guardrails:
- Prompt Security: Analyzes incoming prompts for injection attempts, toxic language, or attempts to manipulate the agent's instructions.
- Output Control: Scans the agent's generated responses and planned actions for data leaks, policy violations, or incorrect information (hallucinations).
- Action Validation: For agents that can perform actions (like creating a ticket or generating a report), the platform validates that the action is authorized and within the context of the user's session and permissions.
- Context-Aware Policies: Security rules can be dynamic, considering the user's role, the sensitivity of the data being accessed, and the agent's defined purpose.
This happens in milliseconds, aiming to be transparent to the end-user while providing security teams with detailed logs and alerts for every intercepted event.
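The following sketch is an added example, not Zenity's or Microsoft's code: it shows how an inline gate can apply the four guardrails listed above in order, checking the prompt before the agent sees it, validating the planned action against role and agent purpose with a default-deny policy, and redacting the output. Every name, regex pattern and policy entry in it is a hypothetical assumption constructed for illustration.

```python
import re
from dataclasses import dataclass

# All names, patterns and policy values are hypothetical, constructed for this
# illustration; they are not Zenity's or Microsoft's API or rule set.
INJECTION = re.compile(r"ignore (all |any )?(previous|prior) instructions|reveal .*system prompt", re.I)
SECRET = re.compile(r"\b\d{3}-\d{2}-\d{4}\b|\bAKIA[0-9A-Z]{16}\b")  # SSN-like, access-key-like

@dataclass(frozen=True)
class Session:
    user_role: str
    agent_purpose: str

# Context-aware policy: (agent purpose, action) -> roles allowed to trigger it.
ACTION_POLICY = {
    ("helpdesk", "create_ticket"): {"employee", "it_admin"},
    ("helpdesk", "reset_password"): {"it_admin"},
}

@dataclass
class Verdict:
    allowed: bool
    stage: str
    reason: str
    output: str = ""

def enforce(session, prompt, agent):
    """Run one agent turn through the gate. `agent` is any callable that
    returns (response_text, planned_action_or_None) without executing it."""
    # 1. Prompt security: stop before the agent ever sees the input.
    if INJECTION.search(prompt):
        return Verdict(False, "prompt", "injection pattern")
    response, action = agent(prompt)
    # 2. Action validation with context-aware policy: unknown pairs are denied.
    if action is not None:
        roles = ACTION_POLICY.get((session.agent_purpose, action), set())
        if session.user_role not in roles:
            return Verdict(False, "action", f"{action} not permitted for {session.user_role}")
    # 3. Output control: redact matches rather than dropping the whole response.
    clean, n = SECRET.subn("[REDACTED]", response)
    return Verdict(True, "output", f"{n} redaction(s)", clean)

def demo_agent(prompt):
    # Constructed stand-in for a copilot; returns a planned action, never runs it.
    if "reset" in prompt:
        return "Resetting password.", "reset_password"
    return "Employee record: SSN 123-45-6789", None
```

Pattern matching on prompts catches only known phrasings, which is why the action check is default-deny and runs regardless of whether the prompt looked benign.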
The Market Context and Competitive Landscape
Zenity's move is a direct response to the explosive growth of low-code AI platforms. Microsoft has aggressively positioned Copilot Studio and Fabric (including Foundry) as central to its AI strategy for enterprises. By securing these platforms, Zenity is embedding itself into a critical and growing market segment. Competitor analysis shows that while other companies offer AI security posture management (AI-SPM) or focus on pre-deployment testing of AI models, few have announced deep, inline runtime enforcement specifically for Microsoft's low-code AI builders. This gives Zenity a potential first-mover advantage in a niche that is likely to become fiercely competitive as AI adoption matures and regulatory pressures mount.
Implications for Developers and Security Teams
For developers using Copilot Studio and Foundry, Zenity's platform promises to reduce the security burden. They can focus on building functional and innovative agents and workflows, relying on the security platform to enforce guardrails consistently. This aligns with the "shift-left" philosophy but adds a crucial "runtime-right" component. For security and compliance teams, it provides much-needed visibility and control over a new class of applications that are notoriously difficult to monitor with traditional tools. They can define central policies—such as "no copilot may access employee personal data" or "all Foundry workflows must log their data sources"—and have them enforced automatically across all AI deployments.
Future Outlook and Conclusion
The preview for Foundry and general availability for Copilot Studio are just the beginning. As Microsoft continues to integrate AI capabilities across its suite—from GitHub Copilot to Azure AI services—the need for unified, platform-aware security will only grow. Zenity's roadmap will likely involve deeper integrations, more granular policy controls, and expanded support for the entire Microsoft AI stack. Furthermore, as regulations like the EU AI Act come into force, tools that provide demonstrable runtime safety and auditability will transition from competitive advantages to mandatory requirements.
In conclusion, Zenity's expansion represents a pivotal step in the maturation of enterprise AI. It acknowledges that the power of agentic AI built on platforms like Microsoft Copilot Studio and Foundry must be matched with proportional, intelligent, and immediate security controls. By moving security directly into the runtime, Zenity is not just selling a tool; it is enabling a safer and more governable path for organizations to harness generative AI, ensuring that the pursuit of efficiency and innovation remains firmly within the bounds of security and compliance.