Why it matters
Microsoft lays out a defense-in-depth model for autonomous agents, covering new threat classes such as agent hijacking, intent breaking, sensitive data leakage, supply-chain compromise, and inappropriate reliance.
My takeaway: Good operating model for agent security reviews because it frames agent risk as an application architecture problem: identity, permissions, data exposure, tool constraints, monitoring, rollback, and human oversight all need explicit design.
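To make the takeaway concrete, here is an added example (written for this note, not code from Microsoft's model) of what "explicit design" looks like for the concerns listed above: an agent identity with scoped permissions, per-tool argument constraints, a sensitive-data check on outbound content, a human-approval gate for irreversible actions, and an audit trail for monitoring. The tool names, scopes, workspace path and secret pattern are constructed for illustration.

```python
"""Policy gate for agent tool calls (added illustration; tool names, scopes and
patterns are constructed, not taken from any real product)."""
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class AgentIdentity:
    name: str
    scopes: frozenset  # permissions granted to this agent, e.g. {"files:read"}


@dataclass
class ToolPolicy:
    required_scope: str                               # least-privilege: one scope per tool
    reversible: bool                                  # irreversible tools need human approval
    egress: bool = False                              # tool sends data outside the boundary
    arg_check: Optional[Callable[[dict], bool]] = None  # constraint on arguments


@dataclass
class Decision:
    allowed: bool
    reason: str
    needs_human: bool = False


# Constructed secret-looking patterns; a real deployment would use a DLP classifier.
SECRET_PATTERN = re.compile(r"(AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----)")


def contains_sensitive(text: str) -> bool:
    return bool(SECRET_PATTERN.search(text))


def path_under_workspace(args: dict) -> bool:
    # Tool constraint: file tools may only touch the agent's workspace (hypothetical path).
    return str(args.get("path", "")).startswith("/workspace/")


TOOL_POLICIES: Dict[str, ToolPolicy] = {
    "read_file": ToolPolicy("files:read", reversible=True, arg_check=path_under_workspace),
    "write_file": ToolPolicy("files:write", reversible=True, arg_check=path_under_workspace),
    "http_post": ToolPolicy("net:egress", reversible=True, egress=True),
    "delete_repo": ToolPolicy("repo:admin", reversible=False),
}


class ToolGate:
    """Every tool call the agent proposes passes through check() before execution."""

    def __init__(self, identity: AgentIdentity,
                 approve: Callable[[str, dict], bool] = lambda tool, args: False):
        self.identity = identity
        self.approve = approve  # human-in-the-loop callback; default denies
        self.audit: List[Tuple[str, str, dict, bool, str]] = []  # monitoring / rollback trail

    def check(self, tool: str, args: dict) -> Decision:
        policy = TOOL_POLICIES.get(tool)
        if policy is None:
            d = Decision(False, f"unknown tool {tool!r}")
        elif policy.required_scope not in self.identity.scopes:
            d = Decision(False, f"missing scope {policy.required_scope}")
        elif policy.arg_check is not None and not policy.arg_check(args):
            d = Decision(False, "argument outside allowed constraints")
        elif policy.egress and any(contains_sensitive(str(v)) for v in args.values()):
            d = Decision(False, "sensitive data in outbound arguments")
        elif not policy.reversible and not self.approve(tool, args):
            d = Decision(False, "irreversible action requires human approval", needs_human=True)
        else:
            d = Decision(True, "ok")
        # Record every decision, allowed or not, so hijacking attempts show up in monitoring.
        self.audit.append((self.identity.name, tool, dict(args), d.allowed, d.reason))
        return d


if __name__ == "__main__":
    builder = AgentIdentity("builder", frozenset({"files:read", "net:egress"}))
    gate = ToolGate(builder)
    print(gate.check("read_file", {"path": "/workspace/README.md"}))
    print(gate.check("read_file", {"path": "/etc/shadow"}))
    print(gate.check("http_post", {"url": "https://example.invalid",
                                   "body": "token AKIAABCDEFGHIJKLMNOP"}))
    print(gate.check("delete_repo", {"name": "demo"}))
```

The point of the structure is that each of the review questions in the takeaway maps to one explicit, testable check rather than to an implicit assumption in the agent's prompt: which identity is acting, which scope the tool needs, what arguments are in bounds, what may leave the boundary, and which actions a person must confirm.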