Responsible AI for Microsoft Foundry

Microsoft Foundry provides comprehensive tools and practices for building trustworthy AI agents with end-to-end security, observability, and governance.

Responsible AI Framework

Our approach follows the Microsoft Responsible AI Standard with three key stages:
  1. Discover: Identify agent quality, safety, and security risks before and after deployment
  2. Protect: Apply safeguards at model output and agent runtime levels
  3. Govern: Monitor agents through tracing, logging, and compliance integrations

Safety Controls

Content Filtering

Capabilities:
  • Block harmful inputs and outputs
  • Detect and prevent jailbreak attempts
  • Mitigate prompt injection attacks (including XPIA)
  • Filter for multiple harm categories
Categories:
  • Violence and self-harm
  • Sexual content
  • Hate speech
  • Protected material

Prompt Injection Protection

Protections:
  • Input sanitization
  • Context isolation
  • Cross-prompt injection attack (XPIA) detection
  • User/system message separation

Observability

Conversation Tracing

Features:
  • Full conversation history
  • Tool invocation logs
  • Decision point tracking
  • Performance metrics

Application Insights Integration

Capabilities:
  • Usage data and metrics
  • Performance monitoring
  • Error tracking
  • Custom telemetry

Evaluation Tools

Assessment types:
  • Quality evaluations
  • Safety assessments
  • Performance benchmarks
  • Custom metrics

Governance

Identity and Access

Controls:
  • Microsoft Entra ID authentication
  • Role-based access control (RBAC)
  • Managed identities
  • Conditional access policies

Data Governance

Capabilities:
  • Data residency controls
  • Customer-managed encryption keys
  • Audit logging
  • Compliance certifications

Network Security

Features:
  • Private endpoints
  • Virtual network integration
  • Network isolation
  • Data exfiltration prevention

Security Alerts

View and respond to security alerts in the Risks + alerts section:
  1. Sign in: Navigate to the Microsoft Foundry portal
  2. Select Project: Choose your project
  3. View Alerts: Go to Risks + alerts in the left navigation
  4. Review & Act: Review active alerts and take remediation steps

Best Practices

  • Run adversarial testing
  • Evaluate with representative data
  • Test edge cases and failure modes
  • Conduct red team exercises
  • Set up Application Insights
  • Track key performance metrics
  • Monitor for anomalies
  • Review conversation logs regularly
  • Use content filters
  • Enable prompt injection protection
  • Apply RBAC and network controls
  • Encrypt data at rest and in transit
  • Maintain agent documentation
  • Log all configurations
  • Review audit logs
  • Document incident responses

Resources

Next Steps

  • Agent Overview: Learn about agent capabilities
  • Standard Setup: Configure enterprise security
  • Environment Setup: Deploy secure infrastructure
  • Quickstart: Build your first agent