SECURE AGENT SIMULATOR

Design a Microsoft agent. See the real security tradeoffs before rollout.

A guided way to test risk before agent design decisions become production decisions.

Start the review

1 Choose the agent

Start with one realistic scenario.

2 Shape the exposure

Define reach, actions, data sensitivity, and connectors.

3 Add the guardrails

Pressure-test ownership, approvals, visibility, and protection.

4 Read the risk brief

Turn the design into a clear security conversation.

Chapter 1

What are you building?

Pick one realistic scenario to begin.

Current state

No scenario selected

Select one of the four examples above to turn the simulator into a guided review.

Chapter 1

Shape the exposure.

Start with reach and action capability.

Selected use case

Choose a use case to begin.

Your scenario appears here so the next decisions stay grounded in a real context.

Current state

Step 1 of 2

Complete these two decisions and the next card will appear automatically.

How much access does it get?

Pick the likely permission model.

What is it allowed to do?

Decide how active the agent becomes.

Chapter 1

Finish the early blast radius.

Now define the data sensitivity and connector spread.

Selected use case

Choose a use case to begin.

Your scenario appears here so the next decisions stay grounded in a real context.

Current state

Step 2 of 2

Complete these last two exposure questions and the simulator will move into guardrails.

How sensitive is the data?

Estimate the exposure if the agent overshares.

How many systems does it connect to?

Think about connector spread and boundaries.

Start with the use case and four design basics Once those are answered, the deeper control review will appear.

Chapter 2

Who controls this agent in practice?

Start with accountability and approval boundaries. This is the first point where the design either stays governable or starts drifting.

Ownership and registration

Start by deciding how visible and accountable this agent is inside your environment.

Is the agent formally registered?

Who owns it?

Approvals and identity

Define how much reach this agent should have before it starts touching people, systems, or high impact actions.

Do actions need approval?

How strong are the Entra guardrails?

Chapter 2

How visible and protected is it once live?

Finish with auditability, review cadence, protection, and monitoring so the simulator can judge whether this design is safe enough for a pilot.

Visibility and review

Decide how visible the agent should be once it is live, including prompts, actions, and review ownership.

How much activity can you see?

How often is it reviewed?

Data and protection

Apply the data protection, monitoring, and governance controls that should wrap around the agent from day one.

How strong is the Purview coverage?

How is it monitored?

Chapter 3

Your risk brief

Complete the design first Finish the control review to open the final risk brief.

Green 0-32: pilot ready

Orange 33-66: needs guardrails

Red 67-100: high risk

Current posture

Finish the first two stages and this section will explain the main security risks in clear language.

What this agent can do

Once the design is complete, this section will describe the likely reach and behaviour of the agent.

Why this design becomes risky

What to change before pilot

Executive and architecture summary

Once the design is complete, this section will turn it into a concise summary for builders, architects, and CISOs.

This simulator is for learning purposes only. It is not production approval and should not be treated as permission to move an agent build live.