Responsible AI for Microsoft Foundry

Microsoft Foundry provides comprehensive tools and practices for building trustworthy AI agents with end-to-end security, observability, and governance.

Responsible AI Framework

Our approach follows the Microsoft Responsible AI Standard with three key stages:
  1. Discover: Identify agent quality, safety, and security risks before and after deployment
  2. Protect: Apply safeguards at model output and agent runtime levels
  3. Govern: Monitor agents through tracing, logging, and compliance integrations

Safety Controls

Content Filtering

Capabilities:
  • Block harmful inputs and outputs
  • Detect and prevent jailbreak attempts
  • Mitigate prompt injection attacks (including XPIA)
  • Filter for multiple harm categories
Categories:
  • Violence and self-harm
  • Sexual content
  • Hate speech
  • Protected material

Prompt Injection Protection

Protections:
  • Input sanitization
  • Context isolation
  • Cross-prompt injection attack (XPIA) detection
  • User/system message separation

Observability

Conversation Tracing

Features:
  • Full conversation history
  • Tool invocation logs
  • Decision point tracking
  • Performance metrics

Application Insights Integration

Capabilities:
  • Usage data and metrics
  • Performance monitoring
  • Error tracking
  • Custom telemetry

Evaluation Tools

Assessment types:
  • Quality evaluations
  • Safety assessments
  • Performance benchmarks
  • Custom metrics

Governance

Identity and Access

Controls:
  • Microsoft Entra ID authentication
  • Role-based access control (RBAC)
  • Managed identities
  • Conditional access policies

Data Governance

Capabilities:
  • Data residency controls
  • Customer-managed encryption keys
  • Audit logging
  • Compliance certifications

Network Security

Features:
  • Private endpoints
  • Virtual network integration
  • Network isolation
  • Data exfiltration prevention

Security Alerts

View and respond to security alerts in the Risks + alerts section:
  1. Sign in: Navigate to the Microsoft Foundry portal
  2. Select Project: Choose your project
  3. View Alerts: Go to Risks + alerts in the left navigation
  4. Review & Act: Review active alerts and take remediation steps

Best Practices

  • Run adversarial testing
  • Evaluate with representative data
  • Test edge cases and failure modes
  • Conduct red team exercises
  • Set up Application Insights
  • Track key performance metrics
  • Monitor for anomalies
  • Review conversation logs regularly
  • Use content filters
  • Enable prompt injection protection
  • Apply RBAC and network controls
  • Encrypt data at rest and in transit
  • Maintain agent documentation
  • Log all configurations
  • Review audit logs
  • Document incident responses
