MC1191257 - New Microsoft Purview data security posture management experience

Message ID

MC1191257

View in Message Center

Service

Microsoft Purview

Published

Dec 1, 2025

Tag

Major change

New feature

Admin impact

Roadmap ID

532728

View in M365 Roadmap

Platforms

Web

Summary

Microsoft is launching a new Purview Data Security Posture Management (DSPM) experience by early 2026, enhancing AI observability, posture reporting, and automation with Security Copilot. It integrates third-party data signals, extends risk assessments, and maintains existing policies without requiring admin action.

More information

Introduction

Microsoft is introducing a major evolution of Purview Data Security Posture Management (DSPM) to help organizations strengthen data security and confidently embrace AI. The new DSPM experience unifies visibility and control across traditional data and AI-driven environments, delivering outcome-based guided workflows that turn insights into actionable steps—so teams can prioritize risks and remediate faster. It brings AI observability, enhanced posture reporting, and intelligent Security Copilot agents to automate tasks like triage and policy management.

Purview now also extends coverage beyond Microsoft data with third-party signals from partners like BigID, Cyera, OneTrust, and Varonis, giving security teams a single, streamlined view of sensitive data across clouds and platforms. Additionally, Data Risk Assessments are extended to Fabric and item-level analysis with new remediation actions like bulk disabling of overshared SharePoint links.

This message is associated with Microsoft 365 Roadmap ID 532728.

When this will happen:

Public Preview (Worldwide): Rollout begins early December 2025 and completes by early April 2026.
General Availability (Worldwide): Rollout begins early April 2026 and completes by early May 2026.

How this affects your organization:

Who is affected: Admins managing Microsoft Purview DSPM.
What will happen:
- Customers will continue to have access to the current DSPM (classic) and DSPM for AI (classic) experiences.
- Existing policies and configurations remain unchanged.
- The new DSPM experience and its features will be available in addition to existing experiences.
- No default policy changes; onboarding steps from classic experiences carry over.

What you can do to prepare:

No action is required from admins.
For customers already onboarded to DSPM (classic) and DSPM for AI (classic), onboarding steps will automatically carry over.

Learn more:

Learn how Microsoft Purview Data Security Posture Management for AI provides data security and compliance protections for Copilots and other generative AI apps | Microsoft Learn (will be updated before rollout)
Learn about Data Security Posture Management | Microsoft Learn (will be updated before rollout)

Compliance considerations:

Compliance Area	Explanation
AI/ML capabilities interacting with customer data	Security Copilot agents automate triage and policy management.
Integration with 3rd party software	Adds signals from BigID, Cyera, OneTrust, and Varonis.
Admin reporting and monitoring	Enhanced posture reporting and remediation actions introduced.