{"id":46280,"date":"2025-09-17T14:30:00","date_gmt":"2025-09-17T21:30:00","guid":{"rendered":"https:\/\/azure.microsoft.com\/en-us\/blog\/?p=46280"},"modified":"2026-04-07T11:59:13","modified_gmt":"2026-04-07T18:59:13","slug":"agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents","status":"publish","type":"post","link":"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/","title":{"rendered":"Agent Factory: Creating a blueprint for safe and secure AI agents"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><em>This blog post is the sixth out of a six-part blog series called <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/tag\/agent-factory\/\" target=\"_blank\" rel=\"noreferrer noopener\">Agent Factory<\/a> which shares best practices, design patterns, and tools to help guide you through adopting and building agentic AI.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"trust-as-the-next-frontier\">Trust as the next frontier<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Trust is rapidly becoming the defining challenge for enterprise AI. If observability is about seeing, then security is about steering. As agents move from clever prototypes to core business systems, enterprises are asking a harder question: how do we keep agents safe, secure, and under control as they scale?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The answer is not a patchwork of point fixes. It is a blueprint. 
A layered approach that puts trust first by combining identity, guardrails, evaluations, adversarial testing, data protection, monitoring, and governance.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-a89b3969 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/azure.microsoft.com\/products\/ai-foundry\" target=\"_blank\" rel=\"noreferrer noopener\">Learn more about building trust with Azure AI Foundry<\/a><\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why-enterprises-need-to-create-their-blueprint-now\">Why enterprises need to create their blueprint now<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Across industries, we hear the same concerns:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">CISOs worry about agent sprawl and unclear ownership.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Security teams need guardrails that connect to their existing workflows.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Developers want safety built in from day one, not added at the end.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">These pressures are driving the <strong>shift left phenomenon<\/strong>. Security, safety, and governance responsibilities are moving earlier into the developer workflow. Teams cannot wait until deployment to secure agents. They need built-in protections, evaluations, and policy integration from the start.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Data leakage, prompt injection, and regulatory uncertainty remain the top blockers to AI adoption. 
For enterprises, trust is now a key deciding factor in whether agents move from pilot to production.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-safe-and-secure-agents-look-like\">What safe and secure agents look like<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">From enterprise adoption, five qualities stand out:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Unique identity:<\/strong> Every agent is known and tracked across its lifecycle.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Data protection by design:<\/strong> Sensitive information is classified and governed to reduce oversharing.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Built-in controls:<\/strong> Harm and risk filters, threat mitigations, and groundedness checks reduce unsafe outcomes.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Evaluated against threats:<\/strong> Agents are tested with automated safety evaluations and adversarial prompts before deployment and throughout production.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Continuous oversight:<\/strong> Telemetry connects to enterprise security and compliance tools for investigation and response.<\/li>\n<\/ul>\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1-1024x576.webp\" alt=\"A framework defining the cycle of risk evaluation and management.\" class=\"wp-image-46545 webp-format\" srcset=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1-1024x576.webp 1024w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1-300x169.webp 300w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1-768x432.webp 768w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1.webp 1430w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" 
data-orig-src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture1-1024x576.webp\"><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">These qualities do not guarantee absolute safety, but they are essential for building trustworthy agents that meet enterprise standards. Baking these into our products reflects Microsoft\u2019s approach to trustworthy AI. Protections are layered across the model, system, policy, and user experience levels, continuously improved as agents evolve.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"how-azure-ai-foundry-supports-this-blueprint\">How Azure AI Foundry supports this blueprint<\/h2>\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture2-1.webp\" alt=\"A view of security settings and agent controls inside Azure AI Foundry.\" class=\"wp-image-46546 webp-format\" data-orig-src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture2-1.webp\"><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/azure.microsoft.com\/products\/ai-foundry#Security\" target=\"_blank\" rel=\"noreferrer noopener\">Azure AI Foundry<\/a> brings together security, safety, and governance capabilities in a layered process enterprises can follow to build trust in their agents.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Entra Agent ID<\/strong><br>Coming soon, every agent created in Foundry will be assigned a unique Entra Agent ID, giving organizations visibility into all active agents across a tenant and helping to reduce shadow agents.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Agent controls<\/strong><br>Foundry offers industry-first <a href=\"https:\/\/azure.microsoft.com\/products\/ai-services\/ai-content-safety\/\" target=\"_blank\" rel=\"noreferrer noopener\">agent controls<\/a> that are both comprehensive and built in. 
It is the only AI platform with a cross-prompt injection classifier that scans not just prompt documents but also tool responses, email triggers, and other untrusted sources to flag, block, and neutralize malicious instructions. Foundry also provides controls to prevent misaligned tool calls, high-risk actions, and sensitive data loss, along with harm and risk filters, groundedness checks, and protected material detection.<\/li>\n<\/ul>\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3-1024x824.webp\" alt=\"An example of how Azure AI Foundry flags prompts for security risks.\" class=\"wp-image-46547 webp-format\" srcset=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3-1024x824.webp 1024w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3-300x241.webp 300w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3-768x618.webp 768w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3.webp 1430w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" data-orig-src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Picture3-1024x824.webp\"><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Risk and safety evaluations<\/strong><br>Evaluations provide a feedback loop across the lifecycle. Teams can run harm and risk checks, groundedness scoring, and protected material scans both before deployment and in production. 
The Azure AI Red Teaming Agent and PyRIT toolkit simulate adversarial prompts at scale to probe behavior, surface vulnerabilities, and strengthen resilience before incidents reach production.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Data control with your own resources<\/strong><br>Standard agent setup in <a href=\"https:\/\/learn.microsoft.com\/azure\/ai-foundry\/agents\/overview\" target=\"_blank\" rel=\"noreferrer noopener\">Azure AI Foundry Agent Service<\/a> allows enterprises to bring their own Azure resources. This includes file storage, search, and conversation history storage. With this setup, data processed by Foundry agents remains within the tenant\u2019s boundary under the organization\u2019s own security, compliance, and governance controls.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Network isolation<\/strong><br>Foundry Agent Service supports private network isolation with custom virtual networks and subnet delegation. This configuration ensures that agents operate within a tightly scoped network boundary and interact securely with sensitive customer data under enterprise terms.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Microsoft Purview<\/strong><br><a href=\"https:\/\/azure-int.microsoft.com\/products\/purview\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview<\/a> helps extend data security and compliance to AI workloads. Agents in Foundry can honor Purview sensitivity labels and DLP policies, so protections applied to data carry through into agent outputs. 
Compliance teams can also use Purview Compliance Manager and related tools to assess alignment with frameworks like the EU AI Act and NIST AI RMF, and securely interact with your sensitive customer data under your terms.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Microsoft Defender<\/strong><br>Foundry surfaces alerts and recommendations from <a href=\"https:\/\/www.microsoft.com\/security\/business\/cloud-security\/microsoft-defender-cloud\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Defender<\/a> directly in the agent environment, giving developers and administrators visibility into issues such as prompt injection attempts, risky tool calls, or unusual behavior. This same telemetry also streams into Microsoft Defender XDR, where security operations center teams can investigate incidents alongside other enterprise alerts using their established workflows.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Governance collaborators<\/strong><br>Foundry connects with governance collaborators such as Credo AI and Saidot. These integrations allow organizations to map evaluation results to frameworks including the EU AI Act and the NIST AI Risk Management Framework, making it easier to demonstrate responsible AI practices and regulatory alignment.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"blueprint-in-action\">Blueprint in action<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">From enterprise adoption, these practices stand out:<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Start with identity<\/strong>. Assign Entra Agent IDs to establish visibility and prevent sprawl.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Built-in controls<\/strong>. Use Prompt Shields, harm and risk filters, groundedness checks, and protected material detection.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Continuously evaluate<\/strong>. 
Run harm and risk checks, groundedness scoring, protected material scans, and adversarial testing with the Red Teaming Agent and PyRIT before deployment and throughout production.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Protect sensitive data<\/strong>. Apply Purview labels and DLP so protections are honored in agent outputs.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Monitor with enterprise tools<\/strong>. Stream telemetry into Defender XDR and use Foundry observability for oversight.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Connect governance to regulation<\/strong>. Use governance collaborators to map evaluation data to frameworks like the EU AI Act and NIST AI RMF.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"proof-points-from-our-customers\">Proof points from our customers<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Enterprises are already creating security blueprints with Azure AI Foundry:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong><a href=\"https:\/\/azure.microsoft.com\/blog\/agent-factory-top-5-agent-observability-best-practices-for-reliable-ai\/\" target=\"_blank\" rel=\"noreferrer noopener\">EY<\/a><\/strong> uses Azure AI Foundry\u2019s leaderboards and evaluations to compare models by quality, cost, and safety, helping scale solutions with greater confidence.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/customers\/story\/23953-accenture-azure-ai-foundry\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Accenture<\/strong><\/a> is testing the Microsoft AI Red Teaming Agent to simulate adversarial prompts at scale. 
This allows their teams to validate not just individual responses, but full multi-agent workflows under attack conditions before going live.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"learn-more\">Learn more<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Create with <a href=\"https:\/\/ai.azure.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Azure AI Foundry<\/a>.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Join us at <a href=\"https:\/\/register.secure.microsoft.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Secure on September 30<\/a> to learn about our newest capabilities and how Azure AI Foundry integrates with Microsoft Security to help you build safe and secure agents, with speakers including Vasu Jakkal, Sarah Bird, and Herain Oberoi.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Implement a <a href=\"https:\/\/learn.microsoft.com\/training\/modules\/responsible-ai-studio\/\" target=\"_blank\" rel=\"noreferrer noopener\">responsible generative AI<\/a> solution in Azure AI Foundry.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Did you miss these posts in the <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/tag\/agent-factory\/\" target=\"_blank\" rel=\"noreferrer noopener\">Agent Factory series<\/a>?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-the-new-era-of-agentic-ai-common-use-cases-and-design-patterns\/\" target=\"_blank\" rel=\"noreferrer noopener\">The new era of agentic AI\u2014common use cases and design patterns<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-building-your-first-ai-agent-with-the-tools-to-deliver-real-world-outcomes\/\">Building your first AI agent with the tools to deliver real-world outcomes<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a 
href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-top-5-agent-observability-best-practices-for-reliable-ai\/\">Top 5 agent observability best practices for reliable AI<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-from-prototype-to-production-developer-tools-and-rapid-agent-development\/\">From prototype to production\u2014developer tools and rapid agent development<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-connecting-agents-apps-and-data-with-new-open-standards-like-mcp-and-a2a\/\">Connecting agents, apps, and data with new open standards like MCP and A2A<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-designing-the-open-agentic-web-stack\/\">Designing the open agentic web stack<\/a><\/li>\n<\/ul>\n\n\n\n<aside class=\"cta-block cta-block--align-left cta-block--has-image wp-block-msx-cta\" data-bi-an=\"CTA Block\">\n\t<div class=\"cta-block__content\">\n\t\t\t\t\t<div class=\"cta-block__image-container\">\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-1024x768.jpg\" class=\"cta-block__image\" alt=\"A close up of a group of 3 D dev tools.\" srcset=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-1024x768.jpg 1024w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-300x225.jpg 300w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-768x576.jpg 768w, https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-1536x1152.jpg 1536w, 
https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/08\/Azure-DevTools-Light-2-2048x1536.jpg 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/>\t\t\t<\/div>\n\t\t\n\t\t<div class=\"cta-block__body\">\n\t\t\t<h2 class=\"cta-block__headline\">Azure AI Foundry<\/h2>\n\t\t\t<p class=\"cta-block__text\">Build trustworthy AI agents that automate tasks, enhance user experiences, and deliver results.<\/p>\n\t\t\t\t\t\t\t<div class=\"cta-block__actions\">\n\t\t\t\t\t<a\n\t\t\t\t\t\thref=\"https:\/\/azure.microsoft.com\/en-us\/products\/ai-foundry\"\n\t\t\t\t\t\tclass=\"btn cta-block__link btn-link\"\n\t\t\t\t\t\ttarget=\"_blank\"\t\t\t\t\t>\n\t\t\t\t\t\tLearn more\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t<\/div>\n<\/aside>\n","protected":false},"excerpt":{"rendered":"<p>Azure AI Foundry brings together security, safety, and governance in a layered process enterprises can follow to build trust in their agents.<\/p>\n","protected":false},"author":76,"featured_media":46281,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":["aiblog-content-sync"],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","footnotes":"","msx_community_cta_settings":[]},"categories":[1454,1474,1482],"tags":[3271,2671],"audience":[3054,3055],"content-type":[1481],"product":[2756,3164,1796],"tech-community":[3041],"topic":[],"coauthors":[3166],"class_list":["post-46280","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-machine-learning","category-analytics","category-management-and-governance","tag-agent-factory","tag-ai","audience-business-decision-makers","audience-developers","content-type-thought-leadership","product-azure-ai-content-safety","product-microsoft-foundry","product-microsoft-purview","review-flag-5-1680286581-950","review-flag-microsofts","review-flag-new-1680286579-546"],"yoast_he
ad":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Agent Factory: Creating a blueprint for safe and secure AI agents | Microsoft Azure Blog<\/title>\n<meta name=\"description\" content=\"Learn how you can build trustworthy AI agents by combining identity, guardrails, evaluations, adversarial testing, data protection, and more.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Agent Factory: Creating a blueprint for safe and secure AI agents | Microsoft Azure Blog\" \/>\n<meta property=\"og:description\" content=\"Learn how you can build trustworthy AI agents by combining identity, guardrails, evaluations, adversarial testing, data protection, and more.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Azure Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/microsoftazure\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-17T21:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-07T18:59:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915-1024x576.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Yina Arenas\" 
\/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915.png\" \/>\n<meta name=\"twitter:creator\" content=\"@azure\" \/>\n<meta name=\"twitter:site\" content=\"@azure\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yina Arenas\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\"},\"author\":[{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/yina-arenas\/\",\"@type\":\"Person\",\"@name\":\"Yina Arenas\"}],\"headline\":\"Agent Factory: Creating a blueprint for safe and secure AI agents\",\"datePublished\":\"2025-09-17T21:30:00+00:00\",\"dateModified\":\"2026-04-07T18:59:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\"},\"wordCount\":1172,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915.webp\",\"keywords\":[\"Agent Factory\",\"AI\"],\"articleSection\":[\"AI + machine learning\",\"Analytics\",\"Management and 
governance\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\",\"name\":\"Agent Factory: Creating a blueprint for safe and secure AI agents | Microsoft Azure Blog\",\"isPartOf\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915.webp\",\"datePublished\":\"2025-09-17T21:30:00+00:00\",\"dateModified\":\"2026-04-07T18:59:13+00:00\",\"description\":\"Learn how you can build trustworthy AI agents by combining identity, guardrails, evaluations, adversarial testing, data protection, and 
more.\",\"breadcrumb\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#primaryimage\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915.webp\",\"contentUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2025\/09\/Azure_AgentFactory_Blog_250915.webp\",\"width\":1920,\"height\":1080,\"caption\":\"Text reads \\\"Agent Factory: Building Trustworthy A I Agents.\\\"\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/agent-factory-creating-a-blueprint-for-safe-and-secure-ai-agents\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog home\",\"item\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AI + machine learning\",\"item\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/category\/ai-machine-learning\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Agent Factory: Creating a blueprint for safe and secure AI agents\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#website\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\",\"name\":\"Microsoft Azure Blog\",\"description\":\"Get the latest Azure news, updates, and announcements from the Azure blog. 
From product updates to hot topics, hear from the Azure experts.\",\"publisher\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization\",\"name\":\"Microsoft Azure Blog\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp\",\"contentUrl\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Azure Blog\"},\"image\":{\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/microsoftazure\",\"https:\/\/x.com\/azure\",\"https:\/\/www.instagram.com\/microsoftdeveloper\/\",\"https:\/\/www.linkedin.com\/company\/16188386\",\"https:\/\/www.youtube.com\/user\/windowsazure\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/person\/83fe4c04c61d5e58d555ba137c01a107\",\"name\":\"Garry 
Guseltsev\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g4f09d3e62b774b84289036a84f6a8c1c\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g\",\"caption\":\"Garry Guseltsev\"},\"url\":\"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/garryguseltsev\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->"}
From product updates to hot topics, hear from the Azure experts.","publisher":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/azure.microsoft.com\/en-us\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#organization","name":"Microsoft Azure Blog","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp","contentUrl":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-content\/uploads\/2024\/06\/microsoft_logo.webp","width":512,"height":512,"caption":"Microsoft Azure Blog"},"image":{"@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/microsoftazure","https:\/\/x.com\/azure","https:\/\/www.instagram.com\/microsoftdeveloper\/","https:\/\/www.linkedin.com\/company\/16188386","https:\/\/www.youtube.com\/user\/windowsazure"]},{"@type":"Person","@id":"https:\/\/azure.microsoft.com\/en-us\/blog\/#\/schema\/person\/83fe4c04c61d5e58d555ba137c01a107","name":"Garry Guseltsev","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g4f09d3e62b774b84289036a84f6a8c1c","url":"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8476ebc2bcbe54e1843bd5cce3ec249bed771194411b3052815d4c5d272128f2?s=96&d=mm&r=g","caption":"Garry 
Guseltsev"},"url":"https:\/\/azure.microsoft.com\/en-us\/blog\/author\/garryguseltsev\/"}]}},"msxcm_display_generated_audio":false,"msxcm_animated_featured_image":null,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Azure Blog","distributor_original_site_url":"https:\/\/azure.microsoft.com\/en-us\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/46280","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/users\/76"}],"replies":[{"embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/comments?post=46280"}],"version-history":[{"count":25,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/46280\/revisions"}],"predecessor-version":[{"id":50278,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/posts\/46280\/revisions\/50278"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/media\/46281"}],"wp:attachment":[{"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/media?parent=46280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/categories?post=46280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/tags?post=46280"},{"taxonomy":"audience","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/audience?post=46280"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/content-type?post=46280"},{"t
axonomy":"product","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/product?post=46280"},{"taxonomy":"tech-community","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/tech-community?post=46280"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/topic?post=46280"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/azure.microsoft.com\/en-us\/blog\/wp-json\/wp\/v2\/coauthors?post=46280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}