AI-Powered Entra Security Assessments Using MCP Server for Enterprise - track1 - session4

What if you could audit your tenant's identity security posture just by asking questions in natural language? Microsoft MCP Server for Enterprise (preview) connects AI clients like VS Code and ChatGPT directly to Microsoft Graph, enabling admins and security teams to query Entra ID data — users, privileged roles, MFA status, guest access, application risks, and more — without writing a single line of code. In this session, we'll explore: What MCP (Model Context Protocol) is and why it matters for security operations How MCP Server for Enterprise works — the permission model, RAG-enhanced query generation, and security architecture How it compares to Security Copilot and Agent 365 — and when to use what Live demo: Running real-time Entra security queries using VS Code with both MCP Server for Enterprise and Microsoft Learn MCP Server — identifying risks AND pulling official remediation guidance in a single prompt Whether you're a security admin, SOC analyst, or MSP managing multiple tenants, this session will show you how to get AI-powered identity security insights at zero additional licensing cost. ⏱️ Timestamps: 0:00 - Introduction & Session Overview 5:00 - What is Microsoft MCP Server for Enterprise? 11:00 - Why MCP Matters for Security Operations 17:00 - Permission Model & RAG-Enhanced Query Generation 23:00 - MCP Security Architecture 29:00 - Comparing MCP Server vs Copilot & Agent 365 35:00 - Live Demo: Querying Entra ID via VS Code 42:00 - Running Real-Time Entra Security Queries 49:00 - Identifying Risks & Remediation Guidance 55:00 - Multi-Tenant MSP Scenarios 1:00:00 - Zero Licensing Cost Benefits 1:03:00 - Key Takeaways & Q&A 📌 Part of the Microsoft Purview & Defender Days 2026 series. 🔔 Subscribe for more Microsoft Security sessions!