ACCORDING to Microsoft Security Blog, Microsoft is expanding Zero Trust to AI with a new set of tools and guidance for the AI lifecycle, including a new AI pillar in the Zero Trust Workshop, updated Data and Networking pillars in the Zero Trust Assessment tool, a new Zero Trust reference architecture for AI, and practical patterns and practices for securing AI at scale.
The Zero Trust Workshop now features an AI pillar that covers 700 security controls across 116 logical groups and 33 functional swim lanes, while the Zero Trust Assessment adds Data and Network pillars alongside Identity and Devices. A Zero Trust for AI reference architecture has also been introduced to show how policy-driven access controls, continuous verification, monitoring and governance work together to secure AI systems.
The framework emphasises three principles: Verify explicitly, Apply least privilege, and Assume breach, applied to AI agents, data, models and prompts. RSAC 2026 will feature three sessions on Zero Trust for AI on 25 and 26 March 2026, and a Zero Trust Assessment for AI pillar is in development, expected to be available in summer 2026.