Local AI agent runtime protection on Windows endpoints
Why it matters: In preview
What to do: Microsoft Defender inspects the agent loop (user prompts, tool calls, and tool responses) and can block risky activity before it executes, helping stop prompt injection and unsafe agent actions at …
Local AI agent runtime protection on Windows endpoints: as part of the Defender AI agents experience, runtime protection for supported local AI agents on Windows endpoints is now available in public preview. Microsoft Defender inspects the agent loop (user prompts, tool calls, and tool responses) and can block risky activity before it executes, helping stop prompt injection and unsafe agent actions at the device level. Blocked and audited events appear as alerts in Microsoft Defender to support incident correlation and investigation workflows. For more information, see Set up AI agent runtime protection with Microsoft Defender for Endpoint.
Affected: Microsoft Defender XDR, Defender for Endpoint