MC1257999 - Microsoft Purview DLP: Unmanaged cloud app discovery and protection with Microsoft Purview and Palo Alto Prisma Access

Introduction

Microsoft Purview network data security now integrates with Palo Alto Prisma Access, extending discovery and protection to network traffic. With this integration, new and existing Palo Alto Prisma Access customers can configure Microsoft Purview collection and data loss prevention policies to discover and protect sensitive data shared with unmanaged cloud apps via HTTP/HTTPS, using the same classifiers, sensitive information types, and sensitivity labels used in other Purview policies. This integration also further enriches Purview Data Security Posture Management (DSPM), Insider Risk Management (IRM), enables data security & compliance for AI interactions, and more.

This message is associated with Microsoft 365 Roadmap ID 558939.

When this will happen:

• Public preview: We will begin rolling out in mid-April 2026 and expect to complete by mid-May 2026.
• General availability: We will begin rolling out in late October 2026 and expect to complete by late November 2026.

How this affects your organization:

Who is affected:

• Organizations using Microsoft Purview.
• Customers using or planning to use Palo Alto Prisma Access.
• Microsoft 365 administrators managing Purview collection and DLP policies.

What will happen:

• The Palo Alto Prisma Access integration will automatically appear in the Purview DLP Security Store as the feature rolls out.
• The integration is not enabled by default. Administrators must explicitly enable it before it can be used in policies.
• Once enabled, administrators can use existing or new Purview collection and DLP policies to inspect and protect data detected through Palo Alto Prisma Access network traffic.
• Existing network data security collection and DLP policies will automatically apply after the integration is enabled.
• There is no impact to users unless administrators enable the integration and configure network data security policies in Microsoft Purview.

What you can do to prepare:

• Confirm that Purview pay-as-you-go is enabled and configured for your tenant, as it is required to use this integration. Learn more: Enable Microsoft Purview pay-as-you-go features for new customers.
• Review your existing Purview collection and DLP policies to identify where network-based data inspection may be appropriate.
• Inform other data security and compliance administrators in your organization about this upcoming capability.
• After rollout, enable the Palo Alto Prisma Access integration from the Purview DLP Security Store when you are ready to use it.

Learn about Microsoft Purview Network Data Security

Compliance considerations:

Area	Explanation
Does the change alter how existing customer data is processed?	Network traffic inspected by Palo Alto Prisma Access can be evaluated by Microsoft Purview DLP policies once the integration is enabled by an administrator.
Does the change modify Purview DLP policies or enforcement?	Existing Purview DLP and network data security policies can be applied to network-based data flows through Palo Alto Prisma Access.
Does the change alter how admins can monitor or report on compliance activities?	Admins can monitor network-based data inspection and policy enforcement through existing Purview reporting and dashboards.
Does the change add an integration with third-party software?	This feature integrates Microsoft Purview with Palo Alto Prisma Access.
Does the change include an admin control?	The integration is disabled by default and must be explicitly enabled by administrators in the Purview DLP Security Store.