Microsoft is rolling out an important enhancement to help organizations use Microsoft 365 Copilot more securely. Starting this year, Microsoft Purview Data Loss Prevention (DLP) will include new protections designed specifically for Copilot and Copilot Chat. The goal: prevent sensitive data from being sent to external web search engines during AIâassisted interactions.
This update introduces realâtime DLP evaluation for prompts that contain Sensitive Information Types (SITs). When Copilot detects protected data in a userâs prompt, it will block any external web search from taking place. Instead, Copilot will continue responding only with internal Microsoft Graph data provided that the userâs licensing allows it.
Public Preview Begins: Late March 2026 Completes: Late April 2026
General Availability (Worldwide) Begins: Late June 2026 Completes: Late July 2026
What This Means for Your Organization
Who Will Be Affected?
This update is relevant for:
Organizations using Microsoft 365 Copilot, Copilot Chat, or Copilot Studio agents published to Microsoft 365.
Admins who manage Data Loss Prevention policies in the Microsoft Purview portal.
Whatâs Changing?
New DLP Control for Copilot Web Search
Admins will soon see a new option when configuring DLP policies: the ability to stop Copilot from using external web search when a prompt includes specific sensitive information types.
When this policy is triggered:
Copilot will not send content to external web search providers.
Copilot will still respond, drawing exclusively from internal Microsoft Graph data sources (assuming the userâs licensing supports this).
Microsoft is rolling out a major update to the Data Security Posture Agent in Microsoft Purview, and itâs a big step forward for organizations looking to stay ahead of credentialârelated risks.
The newest addition is a credential scanning capability designed to help you uncover exposed credentials, like Microsoft Entra ID details, private keys, API tokens, and other sensitive access points across your selected data locations. With this update, Purview doesnât just spot the issues; it also gives you risk scores, AIâgenerated insights, confidence levels, and credential categories so you can quickly understand what matters and what needs attention.
All findings are surfaced in one streamlined task board, making it easier than ever to review, confirm, and take action.
Public Preview: Starts late March 2026, expected to finish by early April 2026
General Availability (Worldwide): Starts late June 2026, wrapping up by early July 2026
What This Means for Your Organization
Who will notice the change?
Admins who manage Microsoft Purview and use the Data Security Posture Agent within Microsoft 365 tenants will see the new feature appear under the Explore Agent section.
Whatâs changing?
A brandânew credential scanning experience is being introduced, including:
LLM-powered detection of exposed credentials across selected data locations
Automated identification of:
Microsoft Entra ID credentials
Private keys
API tokens
Additional sensitive credential types
Each detection comes with:
A risk score
AI-generated insights
A confidence rating
A credential category
And to help you stay organized, Purview provides a task board where you can follow up on findings, track progress, and take recommended actions, all in one place.
Microsoft is rolling out a great new capability that will make life much easier for anyone who works with Data Loss Prevention (DLP) alerts. Youâll now start seeing AIâgenerated summaries and categorizations, produced by the Microsoft Purview Data Security Triage Agent, directly inside the Microsoft Defender XDR portal.
This means faster triage, clearer insights, and less time manually digging through alert details.
Whatâs new?
When a DLP alert fires, analysts will now see:
A concise AIâgenerated summary of what happened
A suggested categorization of the alert
Context pulled directly from the incident to help speed up investigation
If youâve already deployed the Triage Agent in Purview, these summaries will show up automatically in your Defender XDR alerts. If not, eligible analysts will be able to deploy it directly from the alert page super handy.
Rollout timeline
Public Preview Starts: Early April 2026 Completed by: MidâApril 2026
General Availability (Worldwide) Starts: MidâAugust 2026 Completed by: Late August 2026
Microsoft is rolling out a new wave of Certifications that reflect todayâs rapidly evolving cloud, AI, and security landscape. The first beta exams begin this month, with more releases over the next few months, and all new Certifications expected to become generally available later this year.
New Microsoft Certification Beta Timeline (2026)
Machine Learning Operations (MLOps) Engineer Associate Perfect for professionals who deploy and manage machine learning and generative AI solutions in production.
Exam: AIâ300 (beta) â March 2026
Training: Available March 2026
Go-live: May 2026
Azure Databricks Data Engineer Associate Ideal for data engineers who design secure, scalable pipelines using Azure Databricks to support realâtime analytics and AI.
Exam: DPâ750 (beta) â March 2026
Training: Available March 2026
Go-live: May 2026
SQL AI Developer Associate Validates your ability to build AIâpowered, modern database applications using bestâpractice governance and DevOps approaches.
Exam: DPâ800 (beta) â March 2026
Training: Available March 2026
Go-live: May 2026
Azure AI Fundamentals A refreshed Fundamentals Certification focused on building modern AI apps and agents using Microsoft Foundry â great for beginners.
Exam: AIâ901 (beta) â April 2026
Training: March 2026
Go-live: June 2026
Azure AI App and Agent Developer Associate Aligned with generative and agentic architectures. Covers building generative apps, multistep reasoning workflows, and productionâready agent solutions.
Exam: AIâ103 (beta) â April 2026
Training: March 2026
Go-live: June 2026
Cybersecurity Business Professional Validates your ability to recognize risks, apply secure-by-design practices, and support business decisionâmaking that enables secure AI adoption.
Exam: SCâ730 (beta) â April 2026
Training: May 2026
Go-live: July 2026
Azure AI Cloud Developer Associate Designed for developers building and monitoring AI solutions on Azure using containers, vector databases, serverless components, and distributed observability.
Exam: AIâ200 (beta) â April 2026
Training: April 2026
Go-live: July 2026
Cloud and AI Security Engineer Associate Focuses on securing cloud and AI workloads, protecting models, and applying enterpriseâgrade security patterns.
Exam: SCâ500 (beta) â May 2026
Training: July 2026
Go-live: July 2026
Windows Server Hybrid Administrator A unified Certification covering both Azure and onâpremises hybrid administration.
Exam: AZâ802 (beta) â June 2026
Training: August 2026
Go-live: August 2026
Retiring Certifications: Key Dates & What Replaces Them
As Microsoft updates its Certification portfolio for modern AIâdriven roles, several existing Certifications are scheduled for retirement in 2026. If you hold one of these, make sure you renew it before the retirement date if renewal is available.
You can read more in the official Microsoft article here.
Today Microsoft is rolling out some major updates that truly reshape how AI shows up in everyday work. Hereâs whatâs new:
Wave 3 of Microsoft 365 Copilot
More model diversity, with Claude and nextâgen OpenAI models available starting today
Agent 365 becoming generally available on May 1 at $15 per user
Microsoft 365 E7: The Frontier Suite, also coming May 1, priced at $99 per user
Wave 3 is honestly the biggest shift Iâve seen in Copilot so far. It doesnât feel like âAI that helps you write or summarizeâ anymore, it feels like Microsoft is moving Copilot into a true agent that can actually do work for you, not just respond to prompts. And this changes everything in how weâll use Microsoft 365.
Frontier Transformation – What It Really Means
Microsoft is talking about âFrontier Transformationâ but at its core, itâs actually simple: AI should help people achieve their highest goals â not just make processes a little faster.
Copilot Cowork – The game changer
The main highlight is Copilot Cowork, built together with Anthropic (the team behind Claude). What I love about it is that it can finally take on a whole piece of work, break it into steps, run those steps in Word, Excel, PowerPoint, Outlook, and keep you updated as it goes.
Not instantly, but over minutes or even hours. So instead of: âWrite a oneâpage summaryâ It becomes: âPrepare the full report, build the Excel analysis, create the PowerPoint, and draft the email to the team.â And it actually moves this work forward across the apps we already use daily.
Edit with Copilot – In-app agentic editing
Another thing I like is that âAgent Modeâ is gone. Itâs now simply called Edit with Copilot, and it works right inside the apps:
Word: turns your messy draft into something polished
Excel: actually builds formulas and charts (not just suggests)
PowerPoint: creates slides using your real templates and brand
Outlook: drafts or refines emails in the compose window
No more copy-paste. No more losing sensitivity labels. Everything stays governed and saved where it should be.
Work IQ – Copilot that âknows how you workâ
Wave 3 also introduces Work IQ, which gives Copilot a deeper understanding of:
Your organizationâs content
Your collaboration patterns
The apps and workflows you use
The context behind your requests
This is what helps Copilot choose the right model (Claude or OpenAI) depending on the task.
Multiâmodel Copilot (Claude + OpenAI)
For the first time, Copilot becomes model-agnostic. Youâll be able to pick or automatically use:
Anthropic Claude (via the Frontier program)
OpenAI models
A model selector is coming to Copilot Chat so you can choose which model works best, depending on the task.
New licensing tier: Microsoft 365 E7 âThe Frontier Suiteâ
Microsoft also launched a brand new enterprise tier â their first in 11 years: Microsoft 365 E7 (The Frontier Suite)
It bundles:
M365 E5
Copilot
Agent 365
Additional security + analytics tools
This shows how seriously Microsoft is betting on agentic AI becoming the new standard.
Rollout timeline
Wave 3 features are:
Already in research preview for selected customers
Expanding via the Frontier Program starting March 2026
With Wave 3, Agent 365, Work IQ, and the new E7 suite, AI is shifting from early experimentation to real, scalable, enterprise-wide value. Microsoft is not only imagining what AI could be itâs giving organizations the tools to build that future right now.
You can read more in the official Microsoft article here.
Microsoft is introducing a new soft purge action in Data Security Investigations (DSI), giving admins a quick and safe way to remove sensitive or overshared files during an investigation. With soft purge, items can be deleted immediately but still recovered later as long as theyâre within their deletedâitem retention period, so admins get speed without risking permanent data loss.
This builds on DSIâs growing set of AIâpowered tools like intelligent categorization, AI search, and automated risk insights making it easier than ever for organizations to spot issues and take action fast.
New update coming to Microsoft 365 Roadmap ID 558109. A soft purge action will soon be available in Data Security Investigations (DSI), giving admins a safer and more flexible way to remove sensitive or overshared content during an investigation.
When itâs rolling out
General Availability (Worldwide): Begins early April 2026
Expected completion:late May 2026
What this means for your organization
Who is affected?
Admins who use Data Security Investigations (DSI) in the Microsoft Purview compliance portal.
Whatâs changing
A new soft purge option will appear in DSI. With this action, admins can:
Remove items that match an investigation query
Keep those items recoverable until the retention period expires
Act quickly without risking accidental permanent deletion
And the best part:
The feature is on by default
No configuration needed
No changes to existing DLP, labeling, or retention policies
End users will not see any changes in their workflows
Once the rollout finishes, the feature simply appears for eligible tenants.
How to prepare
There is nothing you need to do in advance. If you want to get ahead, you may consider:
Reviewing how soft purge works in DSI
Updating any internal guidance on investigation processes
Informing your security or compliance teams about the new action
Overall, this update gives organizations a safer and more controlled way to remove sensitive content during investigationsâwithout adding extra steps or complexity.
Microsoft Purview is rolling out a great new capability for SharePoint and OneDrive: automatic actions for sensitivity labels.
Until now, if someone manually applied the wrong label to a file, admins had limited optionsâespecially when large volumes of content were involved. With this update, Purview can now automatically override or remove manually applied sensitivity labels when they donât match your organizationâs policies.
In simple terms: Your data stays correctly classified, even when humans make mistakes.
Rollout begins midâApril 2026, and the feature will be off by default, giving administrators full control over when and how they want to enable it. Itâs another step toward stronger, more accurate data governance across Microsoft 365.
Microsoft Purview is getting a meaningful upgrade as part of its ongoing integration with Microsoft Defender for Cloud Apps. The latest improvement brings new autoâlabeling actions to SharePoint and OneDrive, giving organizations more control over how sensitive information is classified across their environment.
Whatâs new? Admins can now automatically override sensitivity labels that were applied manually or remove labels entirely when a file no longer meets the criteria for that classification. This means large volumes of content can stay properly labeledâeven as information changesâwithout relying on users to update labels themselves.
Microsoft is rolling out an exciting update that will make life noticeably easier for anyone who works with shared or delegated inboxes in Outlook. Whether youâre an executive assistant managing a busy calendar, part of an HR or finance team working from a shared mailbox, or supporting customers from a service desk accountâCopilot is about to become your new best friend.
Until now, Copilot features like summarizing threads or drafting replies were only available when you were in your own mailbox. But thatâs changing. With this update, Copilot will work natively inside the shared or delegated mailboxes you already use every day, bringing AI assistance directly to the place where your work actually happens.
This enhancement is tracked under Microsoft 365 Roadmap ID 554936, and itâs one of the most practical Copilot improvements so far for collaborative teams.
When is this coming?
Targeted Release: Rolling out from early April 2026 through early May 2026
General Availability: Rolling out from early May 2026 through early June 2026
In other wordsâit’s coming soon, and it will reach everyone within the next couple of months.
Whatâs changing and who benefits?
This update applies to:
People who work in shared or delegated Outlook mailboxes
Organizations where users are licensed for Microsoft 365 Copilot
Once enabled, users will be able to:
â Use Copilot Chat directly inside shared or delegated mailboxes
You no longer need to switch back to your primary inbox to engage Copilot.
â Access features like Summarize, Draft, and other Copilot prompts
These capabilities will now operate on the content of the shared mailbox itself.
â Skip awkward prompt wording
No more typing things like âin @domain.comâŚâ. You can simply ask Copilot naturally, and it understands the context of the mailbox you’re currently in.
â Benefit from full support for:
Full-access shared mailboxes
Shared folder permissions
Folder-level access models commonly used by support desks and admin teams
â Keep your Copilot history private
Even though multiple people may work in the same shared mailbox, the Copilot conversation history stays tied to your personal account, not the shared mailbox. No cross-user visibility. No confusion.
What does this mean for your organization?
The good news: Thereâs nothing you need to turn on. This feature will light up automatically for licensed users once rollout reaches your tenant.
Still, itâs worth doing a quick review of:
Your shared mailbox permission structure
Folder-level roles (especially for teams with tiered access)
Training materials or internal FAQs that mention Copilot in Outlook
You may want to update your documentation so users understand they can now use Copilot directly within shared inboxes.
Microsoft Purview is rolling out a series of improvements designed to make AI analysis in Data Security Investigations (DSI) faster, smoother, and easier for analysts to use.
With these updates, items added to an investigation will now be automatically prepared for AI analysisâremoving a repetitive manual step and helping analysts get to insights sooner. Purview is also introducing a new standard categorization option, giving organizations a quicker and more costâefficient way to group and review investigation items. For deeper insights, advanced categorization, including AIâgenerated topics, will continue to be available.
Microsoft has announced major enhancements to its Sovereign Cloud, enabling governments, regulated industries, and highâsecurity organizations to run critical infrastructure, productivity workloads, and large AI modelsâeven with zero internet connectivity.
đ Whatâs New
Microsoft introduced three key capabilities designed for environments with strict dataâsovereignty requirements:
Azure Local â Disconnected Operations: Run missionâcritical workloads with full Azure governance and policy enforcement without any cloud connection, ideal for sovereign, classified, or isolated environments.
Microsoft 365 Local â Fully Offline Productivity: Exchange, SharePoint, and Skype for Business can now run completely inside a customerâcontrolled boundary, ensuring teams stay productive even when fully offline (supported through at least 2035).
Foundry Local â Large AI Models, Fully AirâGapped: Organizations can deploy and run multimodal, largeâscale AI models on local hardware using modern GPU infrastructure from partners like NVIDIAâall inside sovereign boundaries.
Unified Sovereign Private Cloud
These capabilities come together as the Sovereign Private Cloud, integrating Azure Local, Microsoft 365 Local, and Foundry Local into one stack that supports connected, hybrid, or completely disconnected modesâwithout sacrificing productivity or AI innovation.
Why It Matters
This expansion empowers organizations with:
Stronger regulatory compliance
Full data residency and control
Operational continuity in environments with limited or no connectivity
The ability to deploy advanced AI capabilities entirely onâpremises
