On the left, a woman holds a tablet; on the right, a man and a woman hold a laptop


Foreword from Frank X. Shaw

Welcome once again to Microsoft Ignite and this year’s edition of the Book of News. It’s an action-packed version that features more than 100 announcements in a wide range of topics, including infrastructure, Microsoft Copilot, the relationship between data and AI, new tools for developers and security.

At this year’s Microsoft Ignite, our flagship event for IT developers and business decision makers, we are expecting 4,500 in-person attendees in Seattle and more than 175,000 registrants who are participating digitally. Everyone will learn about new products and updates launching today and hear from senior leaders and subject matter experts about what’s on the horizon.

The Book of News is designed to be your guide to all our announcements, making it easy for you to navigate the latest information and provide key details on the topics in which you are most interested. We are excited to share some groundbreaking new products and critical updates that help make work and life easier and more productive.

The overarching theme for this year’s Ignite is how we are working to empower our customers, partners and developers to thrive in the era of AI. In 2023, we witnessed entirely new ways of working via technological advances. Organizations count on their partners to provide innovative, efficient and safe solutions that lead to meaningful business outcomes, and we at Microsoft are proud to deliver those results.

We have a great lineup of news and exciting moments planned for this year’s Microsoft Ignite. I hope that you can join us.

As usual, we eagerly want your feedback. Please let us know how we can do better. We want to make sure you receive the information and context you need from this event. What can we do to make the experience even better next time?


What is the Book of News?

The Microsoft Ignite Book of News is your guide to key news items that we are announcing at Microsoft Ignite. The interactive Table of Contents gives you the option to select the items you are interested in, and the translation capabilities make the Book of News more accessible globally. (Just click the Translate button below the Table of Contents to enable translations.)

We pulled together a folder of imagery related to a few of the news items. Please take a look at the imagery here. To watch keynotes and sessions related to news items, we have links below the news to get you quick access to upcoming sessions and on-demand videos.

We hope the Book of News provides all the information, executive insight and context you need. If you have any questions or feedback regarding content in the Book of News, please email [email protected].

If you are interested in speaking with an industry analyst about news announcements at Microsoft Ignite or Microsoft’s broader strategy and product offerings, please contact [email protected].

A person sits on stairs with potted plants on the steps by the kitchen, working on a laptop.

1. Azure 1.1. Azure AI Services

1.1.1. Azure Machine Learning updates streamline and operationalize AI

Azure Machine Learning continues to improve user experiences with new enhancements, including the general availability of prompt flow and model catalog and the preview of an integration with OneLake in Microsoft Fabric, empowering developers and machine learning professionals to streamline the development of AI-powered applications and operationalize responsible generative AI solutions across all stages of the generative AI development lifecycle.

Updates to Azure Machine Learning include:

  • Prompt flow streamlines the entire development lifecycle of applications powered by large language models (LLMs). It enables developers to design, construct, evaluate and deploy LLM workflows, connecting to a variety of foundation models, vector databases, prompts and Python tools through both visualized graphs and code-first experiences in CLI, SDK and Visual Studio Code extension. Prompt flow is now generally available in Azure Machine Learning and in preview in Azure AI Studio.
  • Model catalog will empower users to discover, evaluate, fine-tune and deploy foundation models from renowned providers, such as Hugging Face, Meta and OpenAI, facilitating developers in selecting the optimal foundation models for their specific use cases. Within the model catalog, users can find a comprehensive comparison view for benchmarking metrics of multiple foundation models, allowing users to self-educate and make informed decisions about the suitability of models and datasets for their specific use cases. Model catalog has expanded to include new models like Code Llama, Stable Diffusion and OpenAI’s CLIP (Contrastive Language-Image Pretraining) models. Model catalog will be generally available soon and is available in preview in Azure AI Studio, broadening its availability and applicability.
  • Model-as-a-Service through inference APIs and hosted-fine-tuning, coming soon in preview, will enable developers and machine learning professionals to easily integrate foundation models such as Llama 2 from Meta, upcoming premium models from Mistral, and Jais from G42 as an API endpoint to their applications and fine-tune models without having to manage the underlying GPU infrastructure.
  • OneLake is now available in preview as a datastore in Azure Machine Learning, facilitating a seamless transition between Microsoft Fabric and Azure Machine Learning. This integration allows data engineers to share machine learning-ready data assets developed in Fabric, enabling machine learning professionals to directly utilize them for model training in Azure Machine Learning. Additionally, machine learning professionals can write model predictions back to OneLake for further processing in Fabric or to surface insights through Power BI.

Additional resources:

1.1.2. Microsoft launching AI platform Azure AI Studio

Microsoft is launching the preview of its unified AI platform, Azure AI Studio, which will empower all organizations and professional developers to innovate and shape the future with AI.

The platform, accessibly and responsibly designed, will equip organizations with a one-stop shop to seamlessly explore, build, test and deploy AI solutions using state-of-the-art AI tools and machine learning models, all grounded in responsible AI practices. Developers will be able to build generative AI applications, including copilot experiences, using out-of-the-box and customizable tooling and models.

Users can choose the data source, including Microsoft Fabric OneLake and Azure AI Search, for vector embeddings, select models from a comprehensive catalog of frontier and open-source models, orchestrate prompt flows, evaluate model responses, identify fine-tuning opportunities and scale proof of concepts into full production with continuous monitoring and refinement.

Additional resources:

1.1.3. New capabilities for developers to build generative AI solutions safely, responsibly

Microsoft leads the industry in the safe and responsible use of AI. The company has set the standard with an industry-leading commitment to defend and indemnify commercial customers from lawsuits for copyright infringement with the Copilot Copyright Commitment (CCC). Today, Microsoft takes its commitment one step further by announcing the expansion of the CCC to customers using Azure OpenAI Service. The new benefit will be called the Customer Copyright Commitment. As part of this expansion, Microsoft has published new documentation to help Azure OpenAI Service customers implement technical measures to mitigate the risk of infringing content. Customers will need to comply with the documentation to take advantage of the benefit.

And Azure AI Content Safety, now generally available, helps organizations detect and mitigate harmful content and create better online experiences. Customers can use Azure AI Content Safety as a built-in-safety system within Azure OpenAI Service, for open-source models as part of their prompt engineering in Azure Machine Learning or as a standalone API service.

Additional resources:

1.1.4. New features for Azure AI Vision

Azure AI Vision offers innovative computer vision capabilities to empower developers to analyze images, read text and detect faces with pre-built image tagging, text extraction with optical character recognition (OCR) and responsible facial recognition.

Several new updates to the solution, including:

Liveness functionality and Vision SDK: Liveness functionality will help prevent face recognition spoofing attacks and conforms to ISO 30107-3 PAD Level 2. Vision SDK for Face will enable developers to easily add face recognition and liveness to mobile applications. Both features are in preview.

Image Analysis 4.0: This API introduces cutting-edge Image Analysis models, encompassing image captioning, OCR, object detection and more, all accessible through a single, synchronous API endpoint. Notably, the enhanced OCR model boasts improved accuracy for both typed and handwritten text in images. Image Analysis 4.0 is generally available.

Florence foundation model: Trained with billions of text-image pairs and integrated as cost-effective, production-ready computer vision services in Azure AI Vision, this improved feature enables developers to create cutting-edge, market-ready, responsible computer vision applications across various industries. Florence foundation model is generally available.

Additional resources:

1.1.5. New multimodal AI capabilities now available in Azure OpenAI Service

Azure OpenAI Service has unveiled several multimodal AI capabilities to empower businesses to build generative AI experiences with image, text and video. They include:

  • DALL·E 3: Imagine an AI model that can generate images from text descriptions. DALL·E 3 is a remarkable AI model that does just that. Users describe an image, and DALL·E 3 will be able to create it. DALL·E 3 is in preview.
  • GPT-3.5 Turbo model with a 16k token prompt length and GPT-4 Turbo: The latest models in Azure OpenAI Service will enable customers to extend prompt length and bring even more control and efficiency to their generative AI applications. Both models will be available in preview at the end of November 2023.
  • GPT-4 Turbo with Vision (GPT-4V): When integrated with Azure AI Vision, GPT-4V will enhance experiences by allowing the inclusion of images or videos along with text for generating text output, benefiting from Azure AI Vision enhancement like video analysis. GPT-4V will be in preview by the end of 2023.
  • GPT-4 updates: Azure OpenAI Service has also rolled out updates to GPT-4, including the ability for fine-tuning. Fine-tuning will allow organizations to customize the AI model to better suit their specific needs. It’s akin to tailoring a suit to fit perfectly, but in the world of AI. Updates to GPT-4 are in preview.

These advancements in Azure OpenAI Service open new possibilities for businesses and users alike. With DALL·E 3 and GPT-4 Turbo for Vision, creativity knows no bounds, and communication with machines becomes more intuitive. The availability of GPT-3.5 Turbo with a 16K token prompt length, and GPT-4 Turbo, along with updates to GPT-4, will enable improved adaptability and efficiency, making it even more useful across various industries.

Additional resources:

1.1.6. New summarization and translation capabilities in Azure AI

Several new features in Azure AI will aid developers when summarizing and translating language for app usage. Updates, now in preview, include:

  • A new task-optimization summarization capability in Azure AI Language, powered by large language models (GPT-3.5-Turbo, GPT-4, Z-Code++ and more).
  • A new machine translation model capable of translating from one language to another without translating in English as an intermediary. In addition, it can be customized using customer data to better align translations to the industry’s context.
  • Named entity recognition, document translation and summarization in containers will allow government agencies and industries, such as financial services and healthcare, with strict data residency requirements to run AI services on their own infrastructure.
  • Personal voice, a new custom neural voice feature that will enable businesses to create custom neural voices with 60 seconds of audio samples for their users. Personal voice is a limited access feature.
  • Text-to-speech avatar, a new text-to-speech capability that will generate a realistic facsimile of a person speaking based on input text and video data of a real person speaking. Both prebuilt and custom avatars are now in preview, however, custom avatar is a limited access feature.

Additional resources:

1.1.7. Unlock video insights with updates in Azure OpenAI

The powerful integration of Azure AI Video Indexer, Azure AI Search and Azure OpenAI Service offers users a comprehensive solution for capturing essential insights from video content and enables natural language question-answering, video summarization and efficient content search. These new features, now in preview, include:

  • Video-to-text summary: Users will be able to extract the essence of video content and generate concise and informative text summaries. The advanced algorithm segments videos into coherent chapters, leveraging visual, audio and text cues to create sections that are easily accommodated in large language model (LLM) prompt windows. Each section contains essential content, including transcripts, audio events and visual elements. This is ideal for creating video recaps, training materials or knowledge-sharing.
  • Efficient Video Content Search: Users will be able to transform video content into a searchable format using LLMs and Video Indexer’s insights. By converting video insights into LLM-friendly prompts, the main highlights are accessible for effective searching. Scene segmentation, audio events and visual details further enhance content division, allowing users to swiftly locate specific topics, moments or details within extensive video.

Additional resources:

1.1.8. Vector search and semantic ranker now generally available in Azure AI Search

Azure AI Search (formerly known as Azure Cognitive Search) is an information search and retrieval platform that enables organizations to deliver highly personalized experiences in their generative AI applications.

Updates to Azure AI Search include:

  • Vector search: Large language models (LLMs) traverse large volumes of documents and information to generate responses to user queries. This is expensive and can result in slow response times. Given computers are faster and more efficient when working with numerical data compared to documents, techniques have been developed that turn documents and data into a numerical format, called a vector — a long floating point. Vector search indexes allow for faster, more efficient retrieval. Having great vector support is as important to getting a good answer out of an LLM as the LLM itself. Vector search is generally available.
  • Semantic ranker (formally known as semantic search): With multilingual, deep learning models adapted from Microsoft Bing, semantic ranker prioritizes and ensures the most relevant search results are delivered first. Semantic ranker is generally available.
  • Availability in Azure AI Studio: Azure AI Search is now available in Azure AI Studio, a new unified AI platform, currently in preview. A robust search and retrieval system is a critical component of the generative AI systems’ development lifecycle. Therefore, making Azure AI Search available in Azure AI Studio will enable support for the full value chain, streamlining workflow for the app developer by putting everything they need in one place.

Additional resources:

1.2. Azure Compute

1.2.1. New AMD-based Azure virtual machines now in preview

Azure is introducing the latest AMD-based virtual machines (VMs) built on the 4th Generation AMD EPYC™ Genoa processor. Now in preview for the D, E and F family VMs, these new VMs introduce even greater performance and reliability than the previous AMD v5 VMs based on the 3rd Generation AMD EPYC™ Milan processor. The new Genoa-based VMs will have different memory-to-core ratios spread across the three VM series – the general purpose Dav6 and Dalv6 series, the memory-optimized Eav6 series and the compute-optimized Fav6, Falv6 and Famv6 series.

The Dav6 VM series provides a good balance between memory-to-core ratio, while the Dalv6 series is meant to provide a more cost-effective option for applications that require less memory. The Eav6 VM series is built for applications demanding higher memory-to-core ratios. The Fav6, Falv6 and Famv6 series all have increased CPU performance in comparison to the D and E series AMD VMs and are different only in their memory-to-core ratio.

These new VMs will significantly expand the VM options available for AMD customers, spanning a multitude of popular VM series of varying memory sizes and budget.

Additional resources:

1.2.2. Running SAP HANA on Azure with new and powerful infrastructure options

The Azure M-series Mv3 family, the next generation of memory optimized virtual machines (VMs), gives customers faster insights, more uptime, lower total cost of ownership and improved price-performance for running SAP HANA workloads with direct Azure IaaS deployments and SAP RISE on Azure. The Mv3 VMs are powered by the 4th-generation Intel® Xeon® Scalable processors and Azure Boost, Microsoft’s system for offloading virtualization. The Mv3 family will scale for SAP workloads, ranging from less than 1 TB to 32 TB.

The Mv3 platform offers improved resilience against common failures in memory, storage and networking, resulting in minimal interruptions to mission-critical workloads. Mv3 delivers up to 30 percent faster SAP HANA (High-performance ANalytic Appliance) data load times for SAP OLAP (Online Analytical Processing) workloads compared to the previous generation Mv2, and up to 15 percent higher performance per core for SAP OLTP (Online Transaction Processing) workloads over Mv2.

Powered by Azure Boost, Mv3 delivers up to two times throughput to Azure premium solid-state drive (SSD) disk storage and up to 25 percent improvement in network throughput over Mv2. Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS, such as networking, storage and host management, onto purpose-built hardware and software. Azure Boost achieves several benefits for Mv3 VMs, including enhanced network and storage performance at scale, improved security through an additional layer of logical isolation and reduced maintenance impact during future Azure software and hardware upgrades.

Updates to the Mv3 family include:

  • The Mv3 medium memory offering, with VM sizes up to 4 TB of memory, is now generally available.
  • The Mv3 very high memory offering, with 32 TB of memory, is now in preview.

Additional resources:

1.3. Azure Confidential Computing

1.3.1. Confidential containers on Azure Kubernetes Service in preview

Confidential containers on Azure Kubernetes Service (AKS) is the first cloud service offering pod-level isolation and memory encryption in a managed Kubernetes service based on the open-source Kata containers project and powered by AMD SEV-SNP. Organizations will be able to migrate their most sensitive container workloads to the cloud without any code changes, while protecting their data in memory from external and internal threats. Confidential containers on AKS is now in preview.

Additional resources:

1.3.2. Microsoft Azure Managed Confidential Consortium Framework in preview

Microsoft Azure Managed Confidential Consortium Framework, now in preview, is a new Azure service that will offer execution of the Microsoft Confidential Consortium Framework (CCF) open-source SDKs as a managed service, eliminating the need for developers to stand up their own infrastructure to support a CCF API endpoint. Developers will be able to more easily build and manage confidential multi-party applications with decentralized trust on a secured and governed network of trusted execution environments.

Additional resources:

1.3.3. New confidential virtual machine option for Azure Databricks

The confidential virtual machine (VM) option for Azure Databricks is now generally available.

Customers seeking to better ensure privacy of personally identifiable information (PII) or other sensitive data while analyzing that data in Azure Databricks can now do so by specifying AMD-based confidential VMs when creating an Azure Databricks cluster. Running a customer’s Azure Databricks cluster on Azure confidential VMs enables Azure Databricks customers to confidently analyze their sensitive data in Azure.

Additional resources:

1.3.4. New confidential virtual machines with Intel processors in preview

The DCesv5-series and ECesv5-series confidential virtual machines (VMs) are now in preview. Featuring 4th Gen Intel® Xeon® Scalable processors, these VMs are backed by an all-new hardware-based trusted execution environment called Intel® Trust Domain Extensions (TDX). Organizations will be able to use these VMs to seamlessly bring confidential workloads to the cloud without any code changes to their applications.

Additional resources:

1.3.5. New features and services for Azure confidential virtual machines

New features and services for Azure confidential virtual machines (VMs) include Red Hat Enterprise Linux (RHEL) 9.3 support, Disk Integrity Tool, temporary disk encryption, new region support and trusted launch as default in PowerShell for all Azure Gen 2 VMs.

RHEL 9.3 support for AMD SEV-SNP confidential VMs will allow Azure customers to specify the RHEL 9.3 image as the guest operating system (OS) for AMD-based confidential VMs. This will ensure any sensitive data processed by their RHEL guest OS is protected in use, in memory. Azure AMD-based confidential VMs provide a strong, hardware-enforced boundary that hardens the protection of the guest OS against host operator access and other Azure tenants. These VMs are designed to help ensure that data in use, in memory, is protected from unauthorized users using encryption keys generated by the underlying chipset and inaccessible to Azure operators. RHEL 9.3 support for AMD SEV-SNP confidential VMs is in preview.

Disk Integrity Tool for Intel TDX confidential VMs will allow customers to measure and attest to a disk in their confidential VM. The tooling comes as an Azure CLI extension that a user can install in their own trusted environment to run a few simple commands to protect the disk. When such integrity protected disks are used for confidential VM deployments, after the VM boots, users will be able to cryptographically attest that OS disk’s root/system partition contents are secure and as expected before processing any confidential workloads. Disk Integrity Tool for AMD SEV-SNP confidential VMs is in preview.

Temporary disk encryption for AMD SEV-SNP confidential VMs will allow Azure customers to encrypt the temporary disk attached to their AMD-based confidential VMs using customer-managed keys. This ensures any sensitive data on those disks is protected at rest. Temporary disk encryption for AMD SEV-SNP confidential VMs is in preview.

New region support for AMD SEV-SNP confidential VMs is now generally available in the following new regions: Southeast Asia, Central India, East Asia, Italy North, Switzerland North, Japan East, Germany West Central and UAE North.

Trusted launch as default in PowerShell for all Azure Gen 2 VMs, now generally available, hardens Azure Virtual Machines with security features that allow administrators to deploy virtual machines with verified and signed bootloaders, OS kernels and a boot policy. This is accomplished via such trusted launch features as secure boot, vTPM and boot integrity monitoring that protect against boot kits, rootkits and kernel-level malware.

Additional resources:

1.3.6. New NCCv5 series confidential virtual machines with NVIDIA H100 GPUs in preview

The NCCv5 series confidential virtual machines with NVIDIA H100 Tensor Core GPUs, in preview, will be the first and only cloud offering of its kind that will allow AI developers to deploy their GPU-powered applications confidentially. This will ensure data in both CPU and GPU memory is always encrypted by using keys generated by hardware and is protected from unauthorized alteration. Data scientists needing to train their models and gain insights from multiple third-party data sources will be able do so while ensuring personal data and AI models are kept private and provide evidence of their confidentiality through attestation reports.

Additional resources:

1.4. Azure Data

1.4.1. Amazon S3 shortcuts now generally available

Amazon S3 shortcuts, now generally available, allow organizations to unify their data in Amazon S3 with their data in OneLake. With this update, data engineers can create a single virtualized data lake for their entire organization across Amazon S3 buckets and OneLake – without the latency of copying data from S3 and without changing overall data ownership.

Data lakes in S3 buckets can continue to exist and be managed externally to Microsoft Fabric. Data is mapped to the same unified namespace and can be accessed using the same Azure Data Lake Storage Gen2 APIs even when the data is coming from S3. Fabric experiences and analytical engines can directly connect to virtualized S3 data in OneLake.

This enables organizations to accelerate the overall value of their data estate with Fabric across clouds, empowering them to leverage generative AI capabilities like Copilot in Microsoft Fabric or build tailor-made large language models grounded on their data with Azure AI Studio.

Additional resources:

1.4.2. Azure Data Lake Storage Gen2 shortcuts now available

Azure Data Lake Storage Gen2 (ADLS Gen2) shortcuts are now generally available, empowering data engineers to connect to data from external data lakes in ADLS Gen2 into OneLake through a live connection with target data.

With this update, data from ADLS Gen2 can be reused without copying it, eliminating data duplication and lowering integration cost across an enterprise. By creating an ADLS Gen2 shortcut, data is made ready for consumption through custom large language models (LLMs) or Power BI visuals. ADLS Gen2 shortcuts also accelerate the overall value of the data estate by enabling interoperability with Azure Databricks.

Through an ADLS Gen2 shortcut, customers can now receive fast performance through Power BI Direct Lake Mode with Azure Databricks. Since OneLake uses the same APIs as ADLS Gen2 and supports the same Delta Parquet format for data storage, Azure Databricks notebooks can be easily updated to use the OneLake endpoints for data stored in OneLake.

Additional resources:

1.4.3. Azure SQL updates offer better cost optimization, deeper integration

Several new features and updates for Azure SQL will make the offering more cost-efficient, reliable and secure. These updates include:

Lower pricing for Azure SQL Database Hyperscale compute

New pricing on Azure SQL Database Hyperscale offers cloud-native workloads the performance and security of Azure SQL at the price of commercial open-source databases. Hyperscale customers can save up to 35 percent on the compute resources they need to build scalable, AI-ready cloud applications of any size and I/O requirement. The new pricing will be generally available in mid-December 2023.

Azure SQL Managed Instance free trial offer, in preview soon, will allow customers to discover, use and explore Azure SQL Managed Instance free of charge for 12 months. Customers will be able to run proof of concepts, test applications or simply learn more about the operational benefits of a fully managed database-as-a-service.

The free trial offer will provide substantial compute and storage to test applications, including:

  • 4 vCores or 8 vCores of compute, limited to 720 vCore hours per month.
  • 64 GB of storage, plus 64 GB of backup storage.
  • Start and stop instance compute resources on demand.

Azure SQL Managed Instance feature wave, now generally available, introduces a bundle of features that work together to make SQL Managed Instance even more performant, reliable and secure, while enabling even deeper integration with on-premises SQL Server and the broader Azure service platform. Features included in the bundle:

  • Instance start/stop, which allows customers to start and stop their instance at their discretion to save on billing costs for vCores and SQL licensing.
  • Zone redundancy, which lets customers deploy their managed instance across multiple availability zones and improve the availability of their service.
  • Distributed Transaction Coordinator, which lets customers run transactions across multiple database types while keeping the databases in sync.

Additional resources: 

1.4.4. Microsoft 365 data in Fabric with native OneLake integration

Microsoft 365 data is now able to natively integrate to OneLake in the Delta Parquet format, the optimal format for data analysis. Microsoft 365 data was previously offered only in JSON format. With this new integration, Microsoft 365 data will be seamlessly joined with other data sources in OneLake, enabling access to a suite of analytical experiences for organizations to transform and gain insight from their data. This also means that AI capabilities built using Microsoft Fabric notebooks will now directly access Microsoft 365 data within OneLake. This update is in preview.

Additional resources:

1.4.5. Microsoft Fabric now generally available

Microsoft Fabric, an integrated and simplified experience for a data estate on an enterprise-grade data foundation, is now generally available. Fabric enables persistent data governance and a single capacity pricing model that scales with growth, and it’s open at every layer with no proprietary lock-ins. Fabric integrates Power BI, Data Factory and the next generation of Synapse to offer customers a price-effective and easy-to-manage modern analytics solution for the era of AI.

Fabric is for the entire enterprise, complete with role-tailored tools and deep integrations with Microsoft 365, Teams and AI copilots to accelerate analytics capabilities and help scale data value creation for everyone from data professionals to non-technical business users.

Additional resources:

1.4.6. Microsoft Fabric, now part of Microsoft Intelligent Data Platform, empowers ISVs

Microsoft Intelligent Data Platform (MIDP) is a set of tightly integrated data services that includes Microsoft Fabric, a unified analytics service that is now generally available. The intelligent data platform empowers organizations to invest more time creating value rather than integrating and managing their data estate.

Built as an easy-to-use software as a service (SaaS), Fabric is open and extensible, providing a rich set of capabilities for independent software vendors (ISVs) to further enrich the platform with industry leading applications. At Ignite, Microsoft will showcase how industry leading partners like London Stock Exchange, Esri, Informatica, Teradata and SAS are bringing their product experiences as workloads into Fabric. This will help partners widen their reach, and expand the breadth of capabilities that our mutual customers can access seamlessly with Microsoft Fabric.

Additional resources:

1.4.7. New features in Azure Cosmos DB increase developer productivity, cost efficiency

Several new features in Azure Cosmos DB will help developers deliver apps in a more efficient manner while also reducing production cost. These updates include:

Dynamic scaling per partition/region, now in preview for new Azure Cosmos DB accounts, will allow customers to optimize for scale and cost in situations where partitioning is used to scale individual containers in a database to meet the performance needs of applications, or where multi-region configuration of Azure Cosmos DB is used for global distribution of data.

Dynamic scaling provides developers with added flexibility to save costs by scaling up and down their database needs on a more granular level, either by region or by partition of their data. This is cost-friendly for customers who run into hot partitions in their databases or have operations around the globe.

Microsoft Copilot for Azure integration in Azure Cosmos DB, now in preview, will bring AI into the Azure Cosmos DB developer experience. Specifically, this release enables developers to turn natural language questions into Azure Cosmos DB NoSQL queries in the query editor of Azure Cosmos DB Data Explorer. This new feature will increase developer productivity by generating queries and written explanations of the query operations as they ask questions about their data.

Azure Cosmos DB for MongoDB vCore, now generally available, allows developers to build intelligent applications in Azure with MongoDB compatibility. With Azure Cosmos DB for MongoDB vCore, developers can enjoy the benefits of native Azure integrations, low total cost of ownership and the familiar vCore architecture when migrating existing applications or building new ones. Azure Cosmos DB for MongoDB vCore is also introducing a free tier, which is a developer-friendly way to explore the platform’s capabilities without any cost. Learn more about the free tier.

In addition, a new Azure AI Advantage offer will help customers realize the value of Azure Cosmos DB and Azure AI together. Benefits include:

  • Savings up to 40,000 RU/s for three months on Azure Cosmos DB when using GitHub Copilot or Azure AI, including Azure OpenAI Service.
  • World-class infrastructure and security to grow business and safeguard data.
  • Enhanced reliability of generative AI applications by leveraging the speed of Azure Cosmos DB to retrieve and process data.

Vector search in Azure Cosmos DB MongoDB vCore, now generally available, allows developers to seamlessly integrate their AI-based applications with the data stored in Azure Cosmos DB. Vector search enables users to efficiently store, index and query high-dimensional vector data, eliminating the need to transfer the data to more-expensive alternatives for vector search capabilities, such as vector databases.

Additional resources:

1.4.8. New manageability and security features for SQL Server enabled by Azure Arc

Enhancements to SQL Server enabled by Azure Arc offer additional management capabilities to SQL Server running outside Azure, including monitoring, high availability/disaster recovery (HA/DR) management and Extended Security Updates.

Monitoring for SQL Server enabled by Azure Arc, now in preview, will allow customers to gain critical insights into their entire SQL Server estate across on-premises datacenter and cloud, optimize for database performance and diagnose problems faster. With this monitoring tool, customers will be empowered to switch from a reactive operation mode to a proactive one, further improving database uptime while reducing routine workloads.

Enhanced high availability and disaster recovery (HA/DR) management for SQL Server enabled by Azure Arc is now in preview. With Azure Arc, customers can now improve SQL Server business continuity and consistency by viewing and managing Always On availability groups, failover cluster instances and backups directly from the Azure portal. This new capability will provide customers with better visibility and a much easier and more flexible way to configure critical database operations.

Extended Security Updates for SQL Server enabled by Azure Arc is now generally available. Extended Security Updates for SQL Server, which provide critical security updates for up to three years after the end of extended support, are now available as a service through Azure Arc. With the Extended Security Update service, customers running older SQL Server versions on-premises or in multicloud environments can manage security patches from the Azure portal. Extended Security Updates enabled by Azure Arc give financial flexibility with a pay-as-you-go subscription model.

Additional resources:

1.4.9. New performance enhancements in Azure Database for MySQL Business Critical

New performance enhancements in Azure Database for MySQL Business Critical service tier make it ideal for high-performance transactional or analytical applications. With the preview of Accelerated Logs, organizations may see an out-of-the-box improvement in performance of up to two times or more at no additional cost, based on internal testing by Microsoft.

A recent performance benchmark study by Principled Technologies shows that Azure Database for MySQL Business Critical service tier is up to 50 percent faster than MySQL on Amazon Web Services (AWS) Relational Data Service and up to 2.6 times faster than Google Cloud Platform (GCP) Cloud SQL for MySQL. These enhancements help make Azure Database for MySQL Business Critical ideal for mission-critical, Tier 1 MySQL workloads.

Additional resources:

1.4.10. Performance enhancements and new AI capabilities for Azure Database for PostgreSQL

Azure Database for PostgreSQL is a database service built on Microsoft’s scalable cloud infrastructure for application developers. Updates to the service include:

Enhanced performance and scalability for Azure Database for PostgreSQL. This update provides advanced storage and compute capabilities that enable optimal price-performance for enterprise production workloads. Features include:

  • Premium SSD v2, in preview, will offer sub-millisecond disk latencies plus up to 64 TB storage and 80K input/output operations (IOPS) for demanding IO-intensive workloads at a low cost, providing great flexibility for managing performance and cost for Tier-1 production environments.
  • IOPS scaling, in preview, will enable customers to scale up IOPS up to 20K to perform transient operations such as migrations or data loads more quickly, and then scale it back down when not required, to save cost.
  • Online, dynamic compute and storage scaling, now generally available, adjusts the amount of compute and storage resources based on current demand via a seamless experience with near-zero downtime.

Azure Database for PostgreSQL extension for Azure AI will allow developers to leverage large language models (LLMs) and build rich PostgreSQL generative AI applications, meaning PostgreSQL queries on Azure can now power Azure AI applications. Now in preview, the extension will enable:

  • Calling into Azure OpenAI Service to generate LLM-based vector embeddings that allow efficient similarity searches, which is particularly powerful for recommendation systems.
  • Calling into Azure AI Language for a wide range of scenarios such as sentiment analysis, language detection, entity recognition and more.

Additional resources:

1.5. Azure Infrastructure

1.5.1. AI infrastructure updates

Azure is the world’s computer, powering a range of solutions from cloud services to running the most sophisticated AI models. With insights from workloads and customer requirements, Microsoft is optimizing and innovating across every layer of the hardware and software stack.

Microsoft’s ecosystem approach includes longstanding partnerships with industry leaders to provide customers with choice in performance, efficiency and cost for AI inferencing, training and general compute.

Azure infrastructure is adding choice in price and performance across the Azure infrastructure technology stack, from the datacenter and its racks to servers and the silicon that powers them, including:

Custom-built silicon for AI and enterprise workloads in the Microsoft Cloud
Today, Microsoft is announcing new custom silicon that complements Microsoft’s offerings with industry partners. The two new chips, Microsoft Azure Maia and Microsoft Azure Cobalt, were built with a holistic view of hardware and software systems to optimize performance and price.

Microsoft Azure Maia is an AI Accelerator chip designed to run cloud-based training and inferencing for AI workloads, such as OpenAI models, Bing, GitHub Copilot and ChatGPT.

Microsoft Azure Cobalt is a cloud-native chip based on Arm architecture optimized for performance, power efficiency and cost-effectiveness for general purpose workloads.

Azure Boost is now generally available
One of Microsoft Azure’s latest and most significant infrastructure improvements, Azure Boost, is now generally available. Azure Boost enables greater network and storage performance at scale, improves security, and reduces servicing impact by moving virtualization processes traditionally performed by the host servers, such as networking, storage and host management, onto purpose-built hardware and software optimized for these processes. This innovation allows Microsoft to achieve the fastest remote and local storage performances in the market today, with a remote storage performance of 12.5 Gbps (gigabits per second) throughput and 650K IOPS (input/output operations per second) and a local storage performance of 17.3 Gbps throughput and 3.8M IOPS.

ND MI300 v5 virtual machines with AMD chips optimized for generative AI workloads
The ND MI300 v5 virtual machines are designed to accelerate the processing of AI workloads for high range AI model training and generative inferencing, and will feature AMD’s latest GPU, the AMD Instinct MI300X.

NC H100 v5 virtual machines with latest NVIDIA GPUs
The new NC H100 v5 Virtual Machine (VM) Series, in preview, is built on the latest NVL variant of the NVIDIA Hopper 100 (H100), which will offer greater memory per GPU. The new VM series will provide customers with greater performance, reliability and efficiency for mid-range AI training and generative AI inferencing. By maintaining more memory per GPU in the VM, customers increase data processing efficiency and enhance overall workload performance.

Additional resources:

1.5.2. Azure Monitor and Azure Migrate updates

Azure Monitor System Center Operations Manager (SCOM) Managed Instance brings SCOM monitoring capabilities and configurable health models to Azure Monitor. A capability within Azure Monitor, SCOM Managed Instance provides a cloud-based alternative for SCOM customers, providing monitoring continuity for cloud and on-premises environments across the cloud adoption journey.

SCOM Managed Instance is now generally available. Since preview, SCOM Managed Instance has added multiple capabilities such as the integration of SCOM alerts with that of Azure Monitor, the ability to send integrated alerts to IT service management tools, the ability to view service health from the Azure portal and an enhanced onboarding experience.

Azure Migrate, the service used to migrate to and modernize in Azure, is introducing discovery, business case analysis and assessment support for new workloads. This allows customers to analyze their configuration and compatibility for new use cases so they can determine appropriately sized Azure instances at optimal cost and without blockers.

Specific features, in preview, include Spring apps assessment, business case with management costs, business case and assessment with security and Windows and SQL ESU in business case and Web apps assessment, which is generally available.

Additional resources:

1.5.3. Introducing Azure IoT Operations

Azure IoT Operations is a new addition to the Azure IoT portfolio that will offer a unified, end-to-end Microsoft solution that digitally transforms physical operations seamlessly from the cloud to the edge.

This offering, now in preview, will feature a “One Microsoft” approach from cloud to edge to digitally transform physical operations. Microsoft is standardizing cloud-to-edge architecture for digital solutions in physical operations with industry standards and open-source approaches.

This unifying approach for customers’ digital ecosystems will remove technical hurdles for the next level of digital transformation, enable technical collaboration across IT and operational technology and bring interoperability and scalability to digital solutions.

That unified approach consists of the following:

  • Management plane: One control plane to secure and govern assets and workloads across cloud to edge with Azure Arc.
  • Application development: Consistently build and deploy apps anywhere, in the cloud or at the edge.
  • Cloud-to-edge data plane: Seamless integration at the data level from asset to cloud and back again.
  • Common infrastructure: Customers can connect investments in the cloud with their on-premises resources.

Additional resources:

1.5.4. Microsoft and Oracle announce general availability of Oracle Database@Azure

Microsoft and Oracle announce the general availability of Oracle Database@Azure, which will become available in the US East Azure region starting in December 2023, with expansions planned in the additional regions in the first quarter of 2024 and beyond. Customers will have direct access to Oracle database services running on Oracle Cloud Infrastructure (OCI) deployed in Microsoft Azure datacenters, starting with the Oracle Exadata Database Service, combined with the security, flexibility and best-in-class services of Microsoft Azure. Microsoft is the only other hyperscaler to offer OCI Database Services to simplify cloud migration, multicloud deployment and management.

Additional resources:

1.5.5. Updates across Azure Arc

Azure Arc simplifies governance and management by delivering a consistent multicloud and on-premises management platform to help organizations control and govern their environments. Updates to Azure Arc features and infrastructure capabilities include:

VMware vSphere enabled by Azure Arc, now generally available, will help users simplify management of hybrid IT estate distributed across VMware vSphere and Azure. It does so with the enablement of Azure Arc, which extends the Azure control plane to VMware vSphere infrastructure and enables the use of Azure security, governance and management capabilities consistently across VMware vSphere and Azure.

Customers can start with connecting Azure Arc to the resources in the VMware vSphere deployments, install agents at scale and enable Azure management, observability and security solutions, while benefitting from the existing lifecycle management capabilities. This feature is now generally available.

The latest Azure Stack HCI feature update, in preview, will bring innovative capabilities that continue to simplify the day-to-day life of IT pros by making the deployment and management of Azure Stack HCI simpler and more automated when coupled with the newly released turnkey solutions. For example, a new cluster deployment capability will automatically provision virtual machines (VMs) and the ability to manage Azure Stack HCI updates from the Azure portal at scale. Additionally, this feature update also expands VM extensions support that include Microsoft Defender for Cloud, Azure Monitor and Azure Update Manager.

Other updates, in preview, include:

  • Site manager, a new feature as part of the Azure Stack HCI update that will help customers organize all Arc resources per location, which saves time.
  • A new tool that will leverage Azure Migrate to enable customers to migrate their Hyper-V virtual machines directly to Azure Stack HCI nodes. This simplifies customer migration to a new infrastructure, which is especially useful during their hardware refresh cycle.

In addition to Azure Stack HCI news, AKS on VMware, in preview, will give customers who have used Azure Kubernetes Service (AKS) in the cloud or AKS on-premises on Windows Server or Azure Stack HCI the same experience for their VMware environment. With this new member of the AKS family, Microsoft will have a holistic suite of Kubernetes offerings for customers in the cloud and on-premises.

System Center Virtual Machine Manager (SCVMM) self-service capabilities are now generally available in Azure with Azure Arc. Once connected with Azure Arc, customers can manage and control their System Center Virtual Machine Manager (VMM) environments on Azure and perform VM self-service operations from the Azure portal. Customers get a consistent management experience across Azure for the cloud and hybrid environments. For Azure Pack customers, this solution is intended as an alternative to performing VM self-service operations.

Additional resources:

1.5.6. Updates to Azure Storage services

Several new features and performance enhancements for storage on Microsoft Azure are designed to simplify data management, enhance performance and facilitate a smoother migration to the cloud. These updates include:

Azure Ultra Disk Storage: The maximum provisioned input/output operations (IOPS) per second and provisioned throughput on Azure Ultra Disk Storage is increased to 400,000 IOPS and 10,000 MB/s per disk. A single Ultra Disk can achieve the maximum IOPS and throughput of the largest Azure virtual machines, reducing the complexity of managing multiple disks striped together. The increased performance can also be leveraged by multiple Azure Virtual Machines when the Ultra Disk is configured as a shared disk. This update is generally available.

Azure Storage Mover: Azure Storage Mover is a Microsoft service that enables Azure storage customers to migrate their on-premises file shares to Azure file shares and Azure Blob Storage. Updates include:

  • The Server Message Block (SMB) share to Azure file share migration path is now generally available.
  • A Storage Mover agent image for VMware is now generally available.
  • Storage accounts with the blob storage Hierarchical Namespace Service feature are now supported in preview.

New file system performance and economics with Azure Native Qumulo Scalable File Service: Azure Native Qumulo (ANQ) V2 Scalable File Service transforms the cloud file service by combining the performance and elasticity of the cloud with enterprise features and universal compatibility of on-premises file systems.

New and enhanced capabilities, generally available, include:

  • Unbeatable economics: ANQ offers pay-as-you-go pricing, enabling reductions in cost as data volume grows.
  • Cloud scale: ANQ separates performance from capacity, allowing throughput and capacity to scale independently, elastically and seamlessly.
  • Cloud simplicity: ANQ’s rapid deployment gets customers running in just 12 minutes directly in the Azure portal. With ANQ V2’s global namespaces, all workloads can be pointed to a single namespace regardless of the data residing on ANQ or in on-premises Qumulo environments.

Additional resources:

1.6. Azure Management & Operations

1.6.1. Azure Business Continuity Center helps manage, protect and govern resources at scale, now in preview

Azure Business Continuity Center is a tool that will give IT admins comprehensive, resilient protection capabilities to address complex security requirements and rapidly evolving threats. The new Azure Business Continuity Center, now in preview, will provide IT admins with these benefits:

  • Simplified management: A one-stop solution for ensuring business continuity and disaster recovery (BCDR) by providing customers with the ability to manage solutions across first-party Azure services, such as Azure Backup and Azure Site Recovery, and eventually third-party solutions.
  • Rich insights: Users can view a security summary of the entire BCDR estate and receive guidance on individual security properties with actionable insights to improve security posture.
  • Protection across the continuum: Helps ensure efficient ransomware protection and mitigation for the infrastructure, data and application layers with simplified monitoring to validate current protection state and configuration drift.

Additional resources:

1.6.2. Azure Chaos Studio now generally available

Azure Chaos Studio, now generally available, provides a fully managed experimentation platform for discovering challenging issues through experiment templates, dynamic targets and a more guided user interface.

Chaos Studio offers customers the opportunity to intentionally disrupt their applications to uncover reliability issues and strategize for issue prevention before they impact users. For example, Chaos Studio enables users to assess how applications respond to real-world disruptions like network delays, unexpected storage failures, expired secrets or even complete datacenter outages. Templates in Chaos Studio allow customers, in a matter of minutes, to test the resilience of their Azure resources by providing a set of pre-filled experiments based on common outage scenarios. Dynamic targets functionality allows users to select experiment targets by using Keyword Query Language (KQL) queries, rather than static list selection, allowing more sophisticated fault injection scenarios to be created.

Customers acquire the ability to boost their resilience against faults and failures by gaining a better understanding of application resiliency, conducting experiments with a wide variety of agent- and service-based faults and maintaining production quality through continuous validation.

Additional resources:

Two people sit in a room working on a laptop.

2. Developer 2.1. Developer Community

2.1.1. New AI Microsoft Applied Skills credentials now available

Microsoft is releasing new Microsoft Applied Skills credentials critical to AI transformation to help users:

  • Develop generative AI with Azure OpenAI Service.
  • Create an intelligent document processing solution with Azure AI Document Intelligence.
  • Build a natural language processing solution with Azure AI Language.
  • Build an Azure AI Vision solution.

Microsoft previously announced Microsoft Applied Skills, a new credential that allows individuals to prove they have specific skills needed to implement projects aligned to business scenarios.

Including the new set available at Microsoft Ignite, 15 Microsoft Applied Skills credentials have been released and with at least five more coming by the end of December 2023. The new credentials align to projects, like developing generative AI solutions or configuring secure access using Azure networking, which are key as organizations adopt cloud and AI technologies.

Microsoft Certifications and Microsoft Applied Skills are complementary and verified by Microsoft, offering a signal of trust to organizations and helping them efficiently pinpoint talent with the technical skills they need to implement highly technical solutions and take on projects critical to organizational success.

The process to earn a Microsoft Applied Skills credential is designed to be straightforward and flexible and includes:

  • Optional training, including free self-paced learning paths available on Microsoft Learn, with instructor-led training coming soon.
  • Passing an interactive, lab-based assessment that takes candidates through a series of scenario-based tasks in products like Microsoft Azure or Power Platform. The lab assessment is accessible on-demand directly from Microsoft Learn.
  • Receiving a credential, verified by Microsoft, which can be easily shared to LinkedIn profiles, providing the opportunity to showcase new skills on a professional network.

Additional resources:

2.2. Developer Tools & DevOps

2.2.1. Azure Migrate application and code assessment now generally available

The Azure Migrate application and code assessment, now generally available, complements the Azure Migrate assessment and migration tool to help modernize and re-platform large-scale .NET and Java applications through detailed code and application scanning and dependencies detections. The tool offers a comprehensive report with recommended code changes for customers to apply a broad range of code transformations with different use cases and code patterns.

Additional resources:

2.2.2. Azure Container Apps makes it easier to deploy apps, run AI workloads

Azure Container Apps is adding new features to make it easier to deploy code to the cloud and run AI workloads.

  • Dedicated GPU workload profiles: Users will be able to run machine learning models with Azure Container Apps as a target compute platform to build event driven intelligent applications to train models or derive data-driven insights. This feature is in preview.
  • Azure Container Apps landing zone accelerator: Simplifies building of a production-grade secured infrastructure at an enterprise scale to deploy fully managed, cloud-native apps and microservices. This feature is generally available.
  • Azure Container Apps code to cloud: Users will be able to focus on code and quickly take an application from source to cloud without the need to understand containers or how to package application code for deployment. This feature is in preview.
  • Vector database add-ins: Three of the most popular open-source vector database variants, Qdrant, Milvus and Weaviate, are now available in preview as add-ins for developers to get started in a fast and affordable way.

Additional resources:

2.2.3. Azure Deployment Environments adds new capabilities

Azure Deployment Environments is adding new capabilities to increase Azure service integration and expand configuration options. These features, now in preview, will make it easier to set up and delete application infrastructure with the Azure Developer CLI tool and the schedule auto-expiry feature and include:

  • Azure Developer CLI (azd) integration: Enterprise developers will be able to leverage azd to provision application infrastructure using Azure Deployment Environments and more easily deploy code onto their provisioned infrastructure.
  • Schedule auto-expiry: Development teams will be able to configure environments to auto-expire so that the resources are deleted once an environment is no longer needed.

Additional resources:

2.2.4. Azure Functions announces support for .NET 8, new hosting plan

Azure Functions now supports .NET 8 for applications using the isolated worker model. Support is now available for Windows and Linux on the consumption, elastic premium and application service plan hosting options. This update is generally available.

Flex Consumption Plan is a new Azure Functions hosting plan that will build on the consumption, pay-for-what’s-used, serverless billing model. It will provide more flexibility and customizability without compromising on available features. New capabilities will include fast and large elastic scale, instance size selection, private networking, availability zones and high concurrency control. Users can request access to the private preview.

Additional resources:

2.2.5. Azure Kubernetes Service offers new capabilities for AI and machine learning workloads

Customers can now run specialized machine learning workloads like large language models (LLMs) on Azure Kubernetes Service (AKS) more cost effectively and with less manual configuration. The release of Kubernetes AI toolchain operator automates LLM model deployment on AKS across available CPU and GPU resources by selecting optimally sized infrastructure for the model. It makes it possible to easily split inferencing across multiple lower-GPU-count VMs, increasing the number of Azure regions where workloads can run, eliminating wait times for higher-GPU-count VMs and lowering overall cost. Customers can also choose from preset models with images hosted by AKS, significantly reducing overall inference service setup time.

Additionally, Azure Kubernetes Fleet Manager enables multi-cluster and at-scale scenarios for AKS clusters. Platform admins who are managing Kubernetes fleets with many clusters often face challenges staging their updates in a safe and predictable way. This allows admins to orchestrate updates across multiple clusters by using update runs, stages and groups. This is now generally available.

Additional resources:

2.2.6. Azure Native Services update to optimize performance and scale

Azure Native ISV Services enables organizations to access and utilize specialized software and services on Microsoft Azure. These services offer features tailored for cloud performance, seamless integration and operational efficiency between independent software vendor (ISV) software and services native on Azure.

Apache Airflow™ on Astro – an Azure Native ISV Service now in preview – will enable organizations to place Airflow at the core of their data operations, providing ease of use, scalability and enterprise-grade security to help ensure the reliable delivery of mission-critical data pipelines. With the Azure Native ISV Services integration, Astro will be easily available within the Azure portal as a managed service. Instead of managing complex data pipelines, developers will be able to focus on data, code, security and billing across third-party entities. Developers may opt for the pay-as-you-go option based on their usage with billing via the Azure Marketplace.

Additional resources:

2.2.7. Microsoft Dev Box introducing new capabilities for customization and setup

Microsoft Dev Box is introducing new capabilities to support greater customization and simplify Dev Box setup for development teams. These new features, now in preview, focus on increasing developer productivity and satisfaction:

  • Dev box limits: Developer teams will be able to directly limit the number of dev boxes each developer can create within a project to help manage costs and ensure efficient use of resources.

Additionally, Dev Boxes will connect to new Microsoft hosted networks to simplify network setup by eliminating the need to create, configure and secure a virtual network. IT admins and development teams can also use the new quick create template for a complete, step-by-step guide from initial admin configuration through Dev Box deployment.

Docker, in collaboration with Microsoft, now provides Dev Box-compatible preconfigured images on the Azure Marketplace that have everything needed to build containers with Visual Studio and Docker Desktop.

Additional resources:

2.2.8. Microsoft offering guidance to help organizations establish Platform engineering

Platform engineering is an approach that builds on DevOps best practices through tools for automation, tracking, governance and observability to accelerate modern software application delivery.

Organizations need developers to get started and deploy code quickly while also ensuring their software processes are secure, compliant and cost-controlled. Platform engineering capabilities empower developers with more self-service, automated experiences, and operations teams with more standardized, secure and efficient application development infrastructure to ultimately improve developer productivity, governance and time to business value.

Microsoft provides a core set of technology building blocks and learning modules to help organizations get started on their journey to establish a platform engineering practice.

Additional resources:

2.2.9. MQTT broker feature, publish-subscribe capabilities now available for Azure Event Grid

Azure Event Grid now supports additional capabilities to help customers capitalize on growing industry scenarios. A key part of this new functionality is the ability to deliver publish-subscribe messaging at scale, which enables flexible consumption patterns for data over HTTP and MQTT protocols. This capability is now generally available.

Reflecting the growing demand for connectivity, integration and analytics between Internet of Things (IoT) devices and cloud-based services, Azure Event Grid’s new MQTT broker feature enables bi-directional communication between MQTT clients at scale, enabling one-to-many, many-to-one and one-to-one messaging patterns using MQTT v3.1.1 and MQTT v5 protocols. This feature is now generally available.

These capabilities allow IoT devices from manufacturing plants, automobiles, retail stores and more to send data to – and receive data from – Azure services and third-party services. To process the data further, users can route IoT data to Azure services, such as Azure Event Hubs, Azure Functions and Azure Logic Apps. Data can also be routed to third-party services via webhooks.

Other new features include:

  • Pull delivery for event-driven architectures: This allows customers to process events from highly secure environments without configuring a public end point, controlling the rate and volume of messages consumed, while supporting much larger throughput. This feature is generally available.
  • Push delivery to Azure Event Hubs: Event Grid namespaces will support the ability to push events to Azure Event Hubs at high scale through a namespace topic subscription. This enables the development of more distributed applications to send discrete events to ingestion pipelines. This feature is in preview.
  • Increased throughput units: To help customers scale to meet the demands of these new scenarios, Event Grid has also increased the number of throughput units available in an Event Grid namespace to 40, meeting the needs of more data-intensive scenarios by providing more capacity. This feature is generally available.

Additional resources:

2.2.10. New AI and orchestration capabilities from Azure Communication Services

Azure AI Speech integration into Azure Communication Services Call Automation workflows, generally available in November, will enable AI-assisted experiences for customers calling into a business. By recognizing specific phrases as well as free-form sentences spoken by a customer, businesses will be able to adapt to changing customer needs and help shorten the time customers spend navigating Interactive Voice Response (IVR) menus.

Azure Communication Services job router, generally available in early December, will simplify the development of routing capabilities for inbound customer communications and steering customers to the most suitable point of contact in a business. Whether it’s an agent in a contact center with a specific skill set or an automated service designed to manage routine inquiries, job router will ensure that every customer inquiry is pointed to the most appropriate resource available.

Additional resources:

2.2.11.New capabilities simplify app migration to Azure App Service for Linux, Windows

Azure App Service is quickly becoming the preferred cloud destination for migrating millions of .NET and Java workloads still running on-premises. New capabilities that simplify app migration for Linux and Windows include:

  • Single subnet support for multiple App Service plans is now generally available. Network administrators gain substantial reduction in management overhead thanks to the new capability enabling multiple service plans to connect to a single subnet in a customer’s virtual network.
  • WebJobs on Linux is now in preview. WebJobs is a popular feature of Azure App Service that enables users to run background tasks in the Azure App Service without any additional cost. Previously available on Windows, it will extend to Linux, enabling customers to run background or recurring tasks and do things like send email reports or perform image or file processing.
  • Extensibility support on Linux is now in preview. Previously available on Windows, it will allow Linux web apps to take advantage of third-party software services on Azure and connect to Azure Native ISV services more easily.
  • gRPC, a high-performance, open-source universal RPC framework that now provides full bi-directional streaming support and increased messaging performance over HTTP/2 for web apps running on App Service for Linux is generally available.

Additional resources:

2.2.12. New updates for integration of applications, data and processes in Azure

Several new updates have been made throughout Azure offerings, giving users the ability to better integrate their applications, data and processes.

API Management’s Credential Manager, now generally available, simplifies the management of authentication and authorization for both professional developers and citizen developers.

Defender for APIs, a new offering as part of Microsoft Defender for Cloud – a cloud-native application protection platform (CNAPP), is now generally available. Natively integrating with Azure API Management, security admins gain visibility into the Azure business-critical APIs, understand and improve their security posture, prioritize vulnerability fixes and detect and respond to active runtime threats within minutes using machine learning-powered anomalous and suspicious API usage detections.

Azure Integration Environment, in preview, is a new Azure Service that will offer a unified and streamlined experience for Azure Integration Services, presenting users with a single-pane view of the various components of Azure Integration Services used to build the integration solution. With a unified interface, it will empower users to effortlessly orchestrate and manage diverse components of the Azure Integration Services portfolio tailored to their unique needs.​

Other updates include:

  • .NET Framework Custom Code Extensibility for Azure Logic Apps is generally available.
  • Application Insights enhancements for Azure Logic Apps are generally available.
  • Business process tracking is in preview.

Additional resources:

A woman sits in an office holding a Surface tablet.

3. Edge 3.1. Edge

3.1.1. Shared links in Edge will provide inbox for links

Shared links in Microsoft Edge for Business will bring links that have been shared in Microsoft Outlook and Teams to helpful locations, such as the address bar, new tab page and the Edge sidebar. The experience will also be available in the Edge mobile app. Instead of having to hunt through emails and chats or ask a colleague for a link again, users will be able to easily find and open these links within the Edge browser.

Users will easily see recent links shared with them from Outlook and Teams by typing in the address bar or opening a new tab. They can also open a new Shared links pane in the Edge sidebar or in the Edge mobile app to see even more links. From there, they can filter by person, date, link type or the app it came from. Edge will be like an inbox to find and open shared links –providing a quick reference home for links that colleagues have shared.

Shared links in Microsoft Edge for Business is available as prepopulated results in the Edge address bar, is in preview in the Edge new tab page and in Edge mobile and will be coming soon to the sidebar.

Additional resources:

A woman stands at a kitchen island working on a laptop.

4. Microsoft 365 4.1. Microsoft 365 Apps & Services

4.1.1. Introducing Microsoft SharePoint Premium

As the volume of content grows across every organization in this era of digital transformation and AI, Microsoft is expanding its content management portfolio beyond SharePoint, the market leader in content platforms.

SharePoint Premium, Microsoft’s new AI-powered solution to transform content management, content experiences and get content ready for Microsoft Copilot, a set of tools that help people achieve more using AI, is now in preview and will be generally available early next year. SharePoint Premium will build structure, security and governance to ground an organization’s content, so Copilot has better information to leverage. New features will include:

  • Content experiences to help information workers in their flow of work, allowing them to seamlessly discover, interact and collaborate with hundreds of file types, while providing fresh content using AI analytics with branded document packaging.
  • Content solutions that optimize critical business processes with AI, security and automated workflows.

SharePoint Premium also includes content processing and content governance services and solutions, with both new and existing capabilities from Microsoft Syntex and Microsoft SharePoint Advanced Management.

SharePoint Premium will expand content management in Microsoft 365 to help organizations get more value from their content throughout the lifecycle and bring content into the flow of work for information workers, IT pros, developers and more. Availability of services included in SharePoint Premium will roll out between now and the first half of 2024.

Additional resources:

4.1.2. Microsoft Clipchamp and app integrations for Microsoft Designer now available

Microsoft 365 is enabling a new era of visual content creation for commercial customers. With Microsoft Clipchamp and Microsoft Designer, Microsoft 365 is democratizing video and image creation. Intuitive user experiences enhanced by AI make it simple for anyone to create compelling visuals – no experience required.

Microsoft Clipchamp
Clipchamp is now generally available for commercial customers and can be accessed by users licensed for Microsoft 365 Enterprise (E3 and E5) and Business (Standard and Premium) suites.

Additionally, Clipchamp Premium features and licensing will become available in December 2023. These features will include 4K exports, organization brand kit capabilities and premium stock content (audio, video and graphics), with more premium features being added in the coming months, including AI-powered features. Customers will also be able to purchase Clipchamp independently of Microsoft 365 as a standalone license.

Microsoft Designer
Designer is first coming to commercial customers through integrations in various Microsoft 365 apps, so users can create images within the flow of work. Microsoft 365 Enterprise (E3 and E5) and Business (Standard and Premium) users can now use Designer in Edge. Designer in Teams for creating announcement banners will become available in the coming weeks, and Copilot in Microsoft Designer for use in Word, PowerPoint and Whiteboard will be available by the end of 2023. A preview of the Designer app will become available to commercial customers in the coming months, followed by general availability later next year.

Additional resources:

4.1.3. Microsoft Loop now generally available with updated features

The Microsoft Loop app is now generally available for the web and mobile (iOS and Android) for commercial customers. The Loop mobile app (iOS and Android) is generally available for consumer customers as well. Full functionality is available to business customers as part of their Microsoft 365 E3, E5, Business Standard and Business Premium Licenses.

Recent improvements and new capabilities for the Loop app include:

  • Workspace status: Currently in private preview, Workspace status will provide information such as upcoming deadlines and status changes to provide a simple overview and help people know where to direct their attention.
  • Workspace descriptions: When a workspace is created, Loop will intelligently surface files and documents that may be related to the project. A more descriptive prompt can be included with the workspace title to return more refined results and kick off a workspace with everything that’s needed. This capability is in preview.
  • Power Automate: Loop will integrate Power Automate to help simplify task tracking and project management. A new rule can be created in a Loop table enabling automatic notifications to be sent when the table is updated. This automation will help teams stay on track while saving time to focus on what matters. This capability is in preview.
  • Start a workspace from Teams: After a Teams meeting, a Loop workspace will be able to be created and will be automatically populated with the related documents and notes from the meeting, helping a team get started on their project easily. This capability will be in preview by the end of 2023.

Additional resources:

4.1.4. New updates to Microsoft 365 for frontline workers

Microsoft 365 for frontline workers helps support employee experiences in communications and operational efficiency. New updates to the tool include:

Copilot (formerly Bing Chat Enterprise) with commercial data protection will be available to all Microsoft Entra ID users starting with F3 licenses in December. This new tool will bring AI-powered web searches, answers and content generation for frontline workers. And with commercial data protection, frontline workers will be able to make smart requests, like looking up inventory or summarizing large internal documents, without worrying they are sharing company data.

Shifts plugin for Microsoft Copilot for Microsoft 365: Frontline managers will be able to quickly get a list of important items, specific to their team and location, to speed up time-consuming tasks such as covering shifts and onboarding new employees. Shifts plugin for Copilot for Microsoft 365 will use prompts to retrieve insights for frontline managers, leveraging data from the Shifts app, in addition to user and company data it has access to, like Teams chat history, SharePoint, emails and more. This feature will be generally available in December 2023.

Deploy and manage frontline teams with dynamic membership capabilities: Generally available in December, admins will be able to better deploy their frontline by provisioning frontline worker accounts and their teams with group membership in the Teams admin center. Using dynamic groups from Microsoft Entra ID, admins will automatically be kept up to date as people enter, move within or leave the organization. This dynamic membership makes it easy to set up a consistent Teams channel structure to optimize strong frontline collaboration from day one.

Deploy Shifts at scale: A new deployment tool to deploy and manage shifts for frontline workforce across multiple locations in the Teams admin center will be in preview in December. Users will be able to standardize time-off reasons, schedule groups and shift settings across all frontline teams.

Simple authorization with domain-less sign-in: Frontline workers will be able to sign in to Teams faster using only their employee ID, without having to type long domain names. This will be simple for frontline workers to use and easy to manage and deploy to reduce distribution and management overhead for IT admins. This feature will be available in preview in early 2024.

Additional resources:

4.1.5. The new Microsoft Planner brings together to-dos, tasks, plans and projects

Microsoft is bringing together Microsoft To Do, Microsoft Planner and Microsoft Project for the web into a single, unified experience called Microsoft Planner. This experience will first be available in the Planner app in Microsoft Teams in spring 2024, followed by web experiences later in 2024. Powerful, collaborative, scalable and assisted by next-generation AI, the new Planner will help everyone effectively manage their work and achieve their goals.

The new Planner experience will scale easily from collaborative task management to robust project management, empowering everyone, from information workers to frontline workers to project managers, so they can manage their work in one place and accelerate business outcomes with AI-enabled capabilities. Benefits will include:

  • The ability to easily find tasks, so users can focus on the tasks they need to get done today.
  • Helping users work the way they want. Whether for individual tasks or team initiatives, Planner will enable them to choose the approach that’s best for their needs.
  • Creating project plans with powerful scheduling and resourcing tools. As plans evolve, Planner will offer a menu of capabilities to meet unique business needs.
  • Copilot in Planner will help users get started with a plan faster with simple prompts and as the plan evolves, it will add goals and intelligently suggest new tasks to help keep users informed on progress.

In addition, the Tasks by Planner and To Do app in Microsoft Teams is being renamed Planner. Microsoft Project for the web will also be renamed over the coming months. Users of Project for the web can continue to use and enjoy the features they know, under the new name Planner.

The new Planner app in Microsoft Teams with premium work management capabilities and AI-powered experiences will be generally available in spring 2024, with the web experience coming later.

Additional resources:

4.2. Microsoft Teams

4.2.1. Immersive spaces in Teams generally available in January

Immersive spaces in Microsoft Teams, currently in preview, will be generally available in January 2024. Immersive spaces in Teams will bring the power of Mesh into the place where people work every day – Microsoft Teams. From the View menu in a Teams meeting, users can easily transform a 2D meeting into an immersive 3D experience.

Key capabilities in immersive spaces in Teams will include:

  • Avatars: Choose an avatar previously built for standard 2D Teams meetings or create a new one. Avatars are easy to customize to reflect a person’s appearance, style or mood for the day.
  • 3D environments: Choose from one of the ready-made 3D environments based on meeting needs, whether it’s a big team, social gathering or a small round-table discussion.
  • Seat assignments: Select where to sit in a meeting or event to drive connections with others.
  • Spatial audio and audio zones: Have multiple, simultaneous conversations and communicate effectively in subgroups without talking over each other.
  • Interactive activities: Play built-in interactive games within immersive spaces. Designated areas include spaces to roast marshmallows, throw beanbags, answer icebreaker questions and more.
  • Live reactions: Use live reactions, such as hearts, thumbs up or clap, during discussions.

Additional resources:

4.2.2. Microsoft Mesh generally available in January

Microsoft Mesh, currently in preview, will be generally available in January 2024. With Mesh, users will be able to create custom immersive spaces tailored to specific business needs, such as employee events, trainings, guided tours and internal product showcases. Using a no-code editor, customers will be able to easily customize an immersive event or the Mesh toolkit to leverage the power of Unity for fully customizable experience.

With the Mesh editor, users will be able to customize immersive experiences to address the unique needs of the event without writing a line of code. Event creators will be able to select from a set of ready-to-use immersive spaces, customize them by adding images, videos and screen share in a shared 3D canvas, and have them show up in an event in an orchestrated way. Once these objects are added, change the size and position, or put the video on loop so it fits right into the event. These customizations can then be saved as a template for anyone in the organization to reuse.

At general availability, additional capabilities will make it easier for speakers to interact with attendees when hosting immersive events in Mesh. Event organizers will be able to facilitate a Q&A session by enabling attendees to raise hands. Organizers will see the list of hands raised, in order, and will be able to call on participants, engaging them directly. When called on, attendees will be effectively seen and heard by everyone in the event. This makes immersive events more effective and engaging, and brings elements of real-life town hall experiences where organizers can facilitate a Q&A during an event.

The ability to customize immersive spaces in Mesh will be available in Teams Premium.

Additional resources:

4.2.3. New features and enhancements in Microsoft Teams

Microsoft Teams enables effective collaboration and communication for more than 320 million users around the world. New features in Teams bring a smarter, more personalized and simpler experience.

New Teams meeting features include:

  • Voice isolation in Teams meetings and calls: This AI-driven feature is an advanced noise suppression capability that leverages user’s voice profiles and suppresses other people’s voices in the background during a Teams meeting or call. AI in Teams will recognize an individual’s voice and filter only their voice in Teams meetings and calls. This feature rollout has begun and will be generally available in early 2024.
  • Decorate your background: Meeting participants will be able to use generative background effects in Teams to show up at their best – even when the space they’re working from isn’t at its best. With Decorate your background, meeting participants can use the power of AI to generate a background that decorates and enhances their real-world room, by cleaning up clutter or adding plants to a wall. This feature will be available early next year in Teams Premium.

Teams chat and channels enhancements, which are rolling out now through January 2024 include:

  • Customize default reactions: Users will have the flexibility to change and select their default emoji reactions in Teams chat, as well as reduce the number of reactions in their interface.
  • Forward chat: Users will be able to easily share a message received with another colleague by simply clicking on the message and selecting forward from the menu.
  • Group chat profile picture: Users will have a better way to reflect their team and group chat topic with custom pictures. Group chat members can upload an image or use pre-selected illustrations and emojis.
  • Loop components in channels: When composing a post in a channel, users will be able to easily co-create and collaborate on Loop components such as tables, lists, progress trackers and more.
  • Channel announcement background: Users will be able to create a personalized announcement background that harnesses creativity and engages teams in new ways. Users will be able to add images, type a description or use the power of AI to generate a personalized background. Creating an image using generative AI will be available in Teams Premium and Copilot.

New Teams Phone features include:

  • Private line: Now in general availability, users can have a private second phone number for a select set of callers so they can make calls directly to a specified contact, bypassing delegates, admins or assistants. Inbound calls to the private line will be distinguished by a unique ringtone and notification.
  • Protected voicemail: To ensure users don’t miss important voicemails with sensitive information, users will now receive notifications for protected voicemails in the Calls app in Teams with a link to access the voicemail securely in the Outlook web app. This is now generally available.
  • New Teams Phone offers in India: For customers who have employees based in India, Microsoft is working with local operators – Airtel, Tata Communications Limited and Tata Tele Business Services – which will be launching their Teams Phone-powered solutions in compliance with regulatory requirements in the market. These solutions will provide employees with greater calling flexibility and will support work-from-home scenarios as well.

Updates to create a simpler and easier Teams experience include:

  • Microsoft Teams web experience: Microsoft recently released the new Teams app for Windows and Mac, and now, the new Teams web experience is generally available for web customers who use Microsoft Edge or Google Chrome, providing a faster and simpler Teams experience to help users save time and collaborate more efficiently. New Teams is reimagined from the ground up to deliver up to two times faster performance while using 50 percent less memory. From redesigning channels and simplifying notifications to enhancing personalization options, the new Teams web experience offers a simpler and responsive user experience that’s easier to navigate and accomplish with fewer clicks.
  • New Teams keyboard shortcuts: New keyboard shortcuts in Teams will save users time when composing a message, navigating in the app, taking an action in a chat and channels or changing a setting. New shortcuts include Alt+Shift+D to set status to Do not disturb and Alt+Shift+R to reply quickly to the latest message received. The full list of keyboard shortcuts is available, and new shortcuts will be generally available by January 2024.
  • Code block enhancements: New enhancements to code blocks will make it easier for users to send code in Teams. Users will be able to start a code block using the entry point in format options or by using markdown. Users can pick/change the code language for syntax highlighting when pasting or writing code. This update will be generally available by January 2024.
  • Simplified notifications: Users will be able to clear notifications with a single click in activity, chat and channels and customize Teams notification settings to quickly identify what matters most. This update will be generally available in January 2024.
  • Manage your teams and channels: Users can easily manage the channels list in Teams to focus on what matters most. When starting a new collaboration space, users will be prompted to create a channel, and when joining a new team users can choose only the channels they would like to show in the channel list. When a channel is no longer active or relevant, a user can archive the channel, and it will be hidden and closed for further action, but the information can still be accessed. This update will be generally available in January 2024.
  • Private team discovery: Admins will be able to make private teams discoverable in their organization. Users can view and search for these private teams through the “Join team gallery” in their client. This update will be generally available in January 2024.
  • Shared channels enhancements: To make it easier to collaborate with external stakeholders, admins are able to set up a form that captures the user’s request to add an external member who is not from an approved organization. Team members can also create shared channels, if the channel owner permits it. Users can share direct links to a channel, post or reply. This update will be generally available in January 2024.
  • Teams AI library: Teams AI library, a new feature for app developers, is now generally available for JavaScript and .NET. The Teams AI library simplifies building engaging conversational apps in Microsoft 365. The library helps app developers build intelligent bots and message extensions powered by AI and large language models.

Additional resources:

4.2.4. New features streamline IT management for Teams experiences

Several new features have been developed for Microsoft Teams to help streamline processes for IT admins and organizations and include:

Teams Rooms low-friction deployment: Teams Rooms can now be deployed using Windows Autopilot, in private preview, reducing deployment times from days to just a few hours. For devices that can’t use Autopilot, Microsoft is introducing a simplified deployment option with one-time passwords (OTPs), 16-digit codes that will eliminate the risk of sharing access credentials. OTP will be generally available in November. Remote Access is coming to the Teams Rooms Pro Management portal and will allow remote troubleshooting and proactive maintenance, monitoring device health and preventing issues before they affect meetings.

Simplifying Teams Phone deployment with shared calling: Shared calling allows admins to enable groups of users to make and receive public switched telephone network (PSTN) calls using a shared phone number and calling plan. With shared calling, a single phone number and calling plan can be shared across a team of users whether that’s a team of 10 people in a small office or 10,000 users in an enterprise department – they just need to have a Teams Phone license through either Microsoft 365 E5 or Teams Phone Standard. This feature is generally available.

Advanced Collaboration Tools: Advanced Collaboration Tools in Teams Premium empower IT admins to provide a more secure and self-regulated environment. Priority account chat controls, in preview, empower users to manage unwanted internal communications via policies setting. Users are notified about chats from new contacts, giving them a choice to accept or block the conversations. Advanced collaboration analytics, now generally available, offers deep insights into external collaboration behaviors. It empowers Teams admins to facilitate successful collaboration and mitigate potential risks of external collaboration.

Additional resources:

4.3. Microsoft Viva

4.3.1. Updates to Viva Engage and Viva Amplify

Viva Engage and Viva Amplify are tools to allow organizations to connect everyone through employee communities and conversations to build meaningful relationships and give company messages needed volume. Updates to both platforms include:

  • Multi-tenant organization (MTO) communication: Viva Engage supports MTO cross-tenant communication to make it easier for leaders to communicate and engage at scale to build community across the organization. Leaders can send a storyline announcement across tenants to share the same story to all stakeholders. Responding, reacting and analytics will be supported for cross-tent posts. This update is now generally available.
  • Publish from Viva Amplify to Viva Engage: This integration will allow for publishing from Viva Amplify to Viva Engage communities and storylines. It will also incorporate content shared to Engage within reports in Viva Amplify. This update will be available in private preview early next year.
  • Viva Goals and Viva Engage integration: The integration will bring mission, alignment and results into communities and conversation by helping customers build communities around goals, view goal progress from Viva Goals directly in Viva Engage and create divisional communities within Viva Engage designed to help leaders better communicate top-down interactions and initiatives, including delivering praise based on goal progress and achievement. This update will be generally available in the first half of 2024.
  • Seeded and AI-connected knowledge in Answers: This update will allow users to use AI to generate questions and answers from existing files and import them into Answers. Also, AI will automatically route open questions to people who might have the answer. Users can identify the right topics for a question, see top similar responses before publishing, and aid in routing to experts. This update will start rolling out later this year.
  • Viva Amplify updates: Viva Amplify will include publication templates for campaigns, adds localization in more than 50 languages and will include better reporting from system data to incorporate custom data from HR tools into filtering and reports. This update will be generally available in December.

Additional resources:

A man sits in front of a colorful mural working on a tablet.

5. Microsoft Copilot 5.1. Azure Data

5.1.1. Introducing Copilot in Microsoft Fabric

Microsoft Fabric is being infused with Azure OpenAI Service at every layer to help customers unlock the full potential of their data, enabling developers to leverage the power of generative AI against their data and assisting business users to find insights in their data.

With Copilot in Microsoft Fabric in every data experience, customers will be able to use conversational language to create dataflows and data pipelines, generate code and entire functions, build machine learning models or visualize results. Customers will even be able to create their own conversational language experiences that combine Azure OpenAI Service models and their data, and publish them as plugins.

Copilot in Fabric, now in preview, will build on Microsoft’s existing commitments to data security and privacy in the enterprise. Copilot inherits an organization’s security, compliance and privacy policies. Microsoft does not use an organization’s tenant data to train the base language models that power Copilot.

Additional resources:

5.2. Azure Management & Operations

5.2.1. Microsoft Copilot for Azure boosts productivity with generative AI

Microsoft Copilot for Azure, now in preview, is an AI companion that will simplify how users design, operate, optimize and troubleshoot applications and infrastructure from cloud to edge.

With Copilot for Azure, customers will gain new insights into their workloads, unlock untapped Azure functionality and orchestrate tasks across both cloud and edge. Copilot will leverage large language models (LLMs), the Azure control plane and insights about a user’s Azure and Arc-enabled assets. All of this is carried out within the framework of Azure’s steadfast commitment to safeguarding the customer’s data security and privacy.

Additional resources:

5.3. Bing

5.3.1. Bringing Copilot to everyone

The efforts to simplify the user experience and make Copilot more accessible to everyone starts with Bing, Microsoft’s leading experience for the web. Bing Chat and Bing Chat Enterprise will now simply become Copilot. For Microsoft Entra customers, Copilot in Bing, Edge and Windows adds commercial data protection. Copilot will be out of preview and become generally available starting December 1. Over time, Microsoft will also expand eligibility of Copilot with commercial data protection to even more Entra ID (formerly Azure Active Directory) users at no additional cost.

Additional resources:

5.4. Copilot for Sales and Copilot for Service

5.4.1. Introducing Microsoft Copilot for Service

The power of generative AI is being extended to business user workflows with the introduction of Microsoft Copilot for Sales and Microsoft Copilot for Service. These copilots are designed to help organizational functions reinvent business processes with AI and stay in the flow of work. Both Copilots will include a license for Microsoft Copilot for Microsoft 365, allowing for generative AI support across all workflows to surface business insights, accelerate decision-making and create materials, such as briefs or customer communications, all with context rooted in data from existing CRM systems of records, knowledge repositories, third-party applications and Microsoft 365.

Microsoft Copilot for Service is a new business copilot that will help extend existing contact centers with generative AI to boost agent productivity. Copilot for Service will include Copilot for Microsoft 365 and will integrate with third-party CRM and contact center solutions. Organizations will be able to simply point to their data, such as trusted websites, knowledgebase articles, files and, more importantly, data sources from their existing contact center, and in a few minutes unlock generative AI-powered conversations across all their data. Copilot for Service will include out-of-the-box integrations with Salesforce, ServiceNow and Zendesk, and will be extended to other systems with more than 1,000 pre-built and custom connectors.

During customer interactions, agents will be able to ask Copilot for Service questions in natural language and receive relevant insights pulled from customer and product data sourced from knowledge repositories. This will improve the speed at which agents can meaningfully assist and resolve cases, providing better experiences for both agents and customers. And since Copilot for Service will include Copilot for Microsoft 365, these productivity resources will be delivered in the tools agents already use every day, such as Outlook and Teams, as well as third-party agent desktops of choice like Salesforce, ServiceNow, Zendesk and others.

Additional resources:

5.4.2. Microsoft Copilot for Sales will boost enhancements and integration partnerships

Microsoft Sales Copilotalready generally available and being used by 15,000 organizations including Rockwell Automation, Netlogic and Avanade, helps sellers create more personalized customer engagements and increase productivity. Building off this success, Microsoft is today announcing the new Microsoft Copilot for Sales, which will include licenses for Microsoft Copilot for Microsoft 365. Copilot for Sales will help sellers by leveraging the power of generative AI across Microsoft 365 apps, CRM systems of record and other relevant third-party data sources via Power Platform connectors.

Copilot for Sales capabilities will include access to Copilot for Microsoft 365 that will bring the power of both Copilots to allow sellers to harness the benefits of generative AI across all workflows and productivity surfaces, such as Microsoft Teams and Word in a newly integrated experience.

  • Meeting recaps in Teams will combine insights from Copilot for Sales and Copilot for Microsoft 365 to surface action items, task creation and conversation KPIs.
  • Copilot for Sales will be able to create a meeting preparation brief by pulling relevant information into a Word document, including a summary of the account and opportunity, names and titles of meeting participants, open tasks related to the opportunity, relevant highlights from recent meetings, relevant email threads and more.

Additional resources:

5.5. Dynamics 365

5.5.1. New capabilities and integrated offerings for Copilot in Dynamics 365 Field Service

Dynamics 365 Field Service, which helps businesses transform their service operations and improve customer experiences through AI, mixed reality and the Internet of Things (IoT), has several new Copilot capabilities and integrated offerings. They include:

Improved technician productivity with next-generation AI
In preview beginning December 2023, frontline workers will be able to access key work order information by asking Copilot questions within Microsoft Teams. Using natural language, they will be able to simply state what they need to receive specific information related to work orders in Dynamics 365 Field Service, including status updates, parts needed or instructions to help them get the job done.

Additionally with the Dynamics 365 Field Service app in Teams, generally available in December, frontline workers will be able to view and edit their work orders in the flow of work in Teams. Copilot will also become generally available to assist frontline managers with work order scheduling in Microsoft Teams, saving time and effort to find the right worker for the job.

With the preview of new Copilot capabilities in Dynamics 365 Field Service mobile in December, frontline technicians will be able to quickly get a summary of key points in a work order without having to navigate through a series of tabs. They will be able to swiftly make progress updates by simply speaking to Copilot and describing what they did. Copilot will provide suggestions to efficiently check off service tasks, add notes and update product quantities as well as statuses, accelerating data-entry so technicians can focus on providing great customer service.

Streamlined manager workflows with next-generation AI
Introduced in preview earlier this year and becoming generally available in December, Copilot capabilities in the Dynamics 365 Field Service Outlook add-in for frontline managers will streamline work order creation with relevant details pre-populated from emails, as well as optimize technician scheduling with data-driven recommendations based on factors such as travel time, availability and skillset, without switching apps. Relevant work orders are surfaced within this experience for managers to review before creating new work orders, and these can be easily rescheduled or updated as customer needs change.

Introduced in preview earlier this year and now generally available, a redesigned Dynamics 365 Field Service work order management experience brings important information front and center – reducing the number of clicks for key tasks by more than a third. Additionally, Copilot is available in preview within this experience to provide frontline managers intelligent recaps so they can stay up to date without having to navigate through all the information in a work order.

Efficiencies with more integrated offerings
Seamless financial and inventory data flow between Dynamics 365 Field Service, Dynamics 365 Finance and Supply Chain Management will help ensure the frontline and back-office operations stay in sync. By syncing real-time price and cost information from work orders, and automatically updating financial and inventory data as work orders are executed, this integration, in preview, will reduce the effort required to connect these Dynamics 365 apps.

Beginning December 2023, Dynamics 365 Field Service customers can get access to Dynamics 365 Guides and Dynamics 365 Remote Assist at no additional cost. Users will be able to create guides to provide technicians with step-by-step instructions for key tasks and enable real-time collaboration with remote experts via mobile or HoloLens 2 devices when additional assistance is needed. Also, customers can purchase Dynamics 365 Field Service Contractor to provide essential work order management functionality to vendors as they scale field service operations to meet demand.

Additional resources:

5.5.2. New Copilot in Dynamics 365 Sales features

Two new Copilot in Microsoft Dynamics 365 Sales experiences will allow sellers to interact with their data using natural language and include:

  • The ability for sellers to use natural language with Copilot in Dynamics 365 Sales to get contextual insights and recommendations for leads and opportunities, in addition to using pre-built prompts previously announced. This feature is in preview.
  • A full-screen view for Copilot in Dynamics 365 Sales where sellers will be able to use natural language or pre-built prompts to gain a quick understanding of customers, deals, meetings, forecasts and more. This experience will roll out starting in November in Asia and Europe and will continue into other markets at later dates.
  • While Copilot in Dynamics 365 Sales already integrates with popular seller tools like People.ai, Copilot now takes that a step further with extensibility for independent software vendors (ISVs) who can leverage Power Platform Connectors to integrate into Opportunity Summary view in Outlook. These are already being used by DocuSign and PROS to bring relevant contract details, and pricing and quotes, respectively, into Outlook.

Additional resources:

5.5.3. New features, enhancements and partnerships for Copilot in Dynamics 365 Customer Insights

Dynamics 365 Customer Insights, which uses real-time data and next-generation AI to help marketers understand their customers and create personalized experiences, has several new features and updates, all in preview over the next month and include:

Deeper customer understanding and connected marketing and sales capabilities.
Marketers will be able to now qualify their leads using metrics, such as engagement scores, and easily hand off to their sellers to help ensure marketing and sales teams maximize the opportunity pipeline and increase win rates.

Sellers will benefit from AI-generated customer profile summaries from their customer data platform application that summarize key components of customer profiles, including demographic, transactional, behavioral and analytics data, to generate key insights for quick customer understanding.

Integration partnerships with Optimizely.
Organizations will be able to leverage segments and journeys built in Dynamics 365 Customer Insights in Optimizely to create campaigns that can be personalized in real-time without writing any code. With bi-directional integrations, organizations will be able to provide hyper-personalized omnichannel experiences to their customers across web, social, email and offline channels.

Additional resources:

5.6. Edge

5.6.1. Simplify management of Edge for Business with Copilot in Microsoft 365 admin center

Copilot will be coming to the Edge management service via Copilot in Microsoft 365 admin center to provide an intelligent management experience for Edge for Business. Copilot in Microsoft 365 admin center will provide a shared experience across other Microsoft 365 admin centers as well, including SharePoint, Teams and more, to create a cohesive Copilot experience across Microsoft 365 management services for IT admins.

Currently available in private preview, Copilot in the Edge management service will give guidance to IT admins on recommended policies and extensions for their users. More capabilities will be added in the future.

Additional resources:

5.7. Industry Cloud

5.7.1. Copilot in Dynamics 365 Guides brings mixed reality and AI to real-world operations

Copilot in Microsoft Dynamics 365 Guides is a new capability that will bring the power of mixed reality and generative AI to real-world operations, enabling frontline workers to address issues faster with the combined power of AI, mixed reality and the Microsoft Cloud.

Copilot will enable field service technicians and operators in manufacturing and service industries to converse with AI using natural language. The AI, powered by Azure OpenAI Service, will pull from a curated set of documentation to serve up relevant information based on the task at hand. That information could include things like help with troubleshooting, step-by-step procedural guidance, detailed information, service work history, current device readings or completion of work order forms. Holographic overlays will allow workers to accomplish tasks seamlessly without breaking the flow of work.

With Copilot in Dynamics 365 Guides, organizations will be able to:

  • Improve operational efficiency by enabling workers with the right information at the right time within the flow of work. With the ability to point and ask, frontline workers will be able to point at a component on a machine that needs service or repairs, ask questions and receive intelligent answers that help them resolve issues faster and reduce on-the-job frustration.
  • Accelerate the onboarding of new workers and upskill existing workforce effectively with an immersive and intelligent learning platform in mixed reality, which improves confidence in executing a task while reducing cognitive overload. The capability will help create personalized, role-based training to accelerate onboarding time and reduce the need for retraining.
  • Seamlessly capture, integrate and democratize institutional knowledge into existing workflows and access detailed repair guidance, historical service data and best practices in real time, helping to ensure consistent, high-quality maintenance while minimizing errors.
  • Enable frontline workers to access and update forms and systems of record associated with their work and the equipment they’re working on, without leaving the flow of work.

Copilot in Dynamics 365 Guides is currently in private preview on HoloLens 2.

Additional resources:

5.8. Microsoft Copilot for Microsoft 365

5.8.1. New capabilities in Microsoft Copilot for Microsoft 365

Microsoft Copilot for Microsoft 365 is an AI assistant at work. It automatically inherits an organization’s security, compliance and privacy policies for Microsoft 365. Data is managed in line with Microsoft’s current commitments. It’s integrated into the Microsoft 365 apps millions of people use every day —Word, Excel, PowerPoint, Outlook, Teams and more. Copilot for Microsoft 365 is already used by tens of thousands of enterprise users in the Early Access Program, including customers at companies like Visa and KPMG and is now generally available for enterprise customers.

New capabilities for Copilots include:

Microsoft Copilot Dashboard
As organizations invest in AI productivity tools, leaders need clear visibility into how employees are leveraging AI and how is it transforming their organization’s productivity. They need to ensure these tools are being used to their full potential. Microsoft Copilot Dashboard, powered by Microsoft Viva, will help leaders answer how copilot is affecting their organization and changing the way people work. This dashboard will enable leaders and organizations to plan their copilot readiness, drive adoption and measure the impact of Copilot for Microsoft 365. It’s available as part of Microsoft 365 subscriptions starting today and coming to the Viva Insights app in Teams and on the web in December 2023.

Copilot in Microsoft Teams
With the combined power of Copilot in Microsoft Whiteboard and Copilot in Teams, meeting participants will be able to visualize meeting discussions. In addition to live summarization and notes during a Teams meeting, coming next year, Copilot will be able to visualize spoken discussion points and organize them in WhiteboardCopilot will be able to turn meeting participants’ spoken ideas and topics into a visual collaboration space in Whiteboard that can be shared across all meeting participants. Copilot will be able to suggest more ideas to add to Whiteboard as the meeting conversation happens. The captured content on Whiteboard will be saved as a Microsoft Whiteboard file, accessible via Teams, OneDrive for Business and directly via the Whiteboard app. For Copilot licensed users, a Copilot-generated summary of the Whiteboard will be able to be shared as a Loop component in Outlook, Word, Teams and more.

Copilot in Teams meetings will be able to take notes throughout a meeting and share with all participants during a Teams meeting. Users will be able to add shared meeting notes and agenda items in Collaborative notes. Collaborative notes are Loop components which stay in sync across all the places they’ve been shared. When enabled before the meeting, Copilot will automatically take live notes within Collaborative notes, so attendees can focus on the discussion. These notes will be shared with meeting participants and Copilot users will be able to ask for more specific notes like “Capture what Beth said as a quote.” Only one meeting participant will be required to have the Copilot license for the notes to be viewable and editable to all meeting participants. This capability will roll out next year in the Teams desktop and web app.

Copilot in Teams can be used during Teams meetings without retaining transcription. In the Teams admin center, admins can now assign a policy to enable Copilot with or without transcription, and meeting organizers can set their preference before the meeting starts. When enabled without transcription, Copilot can be used during the meeting to ask any question about the meeting, and after the meeting ends no transcript or Copilot interactions will be retained. Since no transcript is retained after the meeting, neither intelligent recap nor Copilot will be available after the meeting when this policy is enabled. This capability is generally available.

Copilot in Microsoft Teams channels, now generally available, enables users to quickly synthesize key information from a past conversation and have it summarized, with organized key discussion points. The summary of information includes citations, to keep users aware of the source.

The new Copilot compose box in Teams chat and channels, now generally available, serves as a writing assistant to help edit messages. Copilot can help rewrite messages, adapt the tone and modify length of the message before the user sends it.

In July, Copilot in Teams Phone was announced, allowing users to get real-time summarization and insights during calls. Users will soon be able to access Copilot from the Calls app in Teams to generate summaries, action items or ask any specific questions about the conversation after a call has wrapped up. The Copilot post-call experience in the Calls app will be supported for both VoIP and PSTN calls.

Copilot in Microsoft Outlook
Copilot in Microsoft Outlook will make it possible to do more in less time and with less effort. The new Copilot features help will help users prepare and schedule meetings.

Here is how it will work:

  • Preparing for meetings: Copilot will be able to generate a detailed summary of upcoming meetings based on the invite, related emails and attached files, making it easier to get ready for the meeting in minutes.
  • Scheduling meetings: Copilot will make it easy to schedule a follow-up meeting or any other meeting from an email summary. Either click the suggested action or chat with Copilot to set up a meeting. Copilot will be able to create an agenda, a title, a list of attendees and a context for the meeting. It will also be able to find the best available times for everyone.

Copilot in Outlook will begin to roll out in early 2024.

Copilot in Microsoft Loop
Copilot in Loop will be able to use information from a document linked in the prompt to generate even more relevant responses. This capability is currently rolling out for customers with a Copilot license and will be available for the web. It will also be able to intelligently adapt previous Loop pages to new projects, creating custom templates. This capability will roll out next year for customers with a Copilot license, and the updates are in preview.

Copilot in Microsoft Word
Catchup and comments in Copilot in Word will help users comprehend what has changed in a document by asking questions like, “How do I see what has changed in this document?” to reveal changes and revisions made by anyone who has accessed the document. It will also use information from Microsoft Graph to create more personalization by considering user preferences, interests and other information. These updates will be available early 2024.

Additional resources:


5.8.2. Extend and enrich Microsoft Copilot for Microsoft 365 with plugins and connectors

With Microsoft Copilot for Microsoft 365, users will be able to expand skills and knowledge of Copilot via plugins and Microsoft Graph connectors, now in preview. Users will be able to install and enable plugins to extend the game-changing abilities of Copilot for Microsoft 365 with internal and third-party applications they use every day.

Microsoft 365 admins will be able to deploy Microsoft Graph connectors and have their data semantically surfaced by Copilot in response to user prompts. Users will benefit from fast, semantic retrieval of relevant data that is managed within the data governance boundaries of their Microsoft 365 tenant.

Copilot-generated responses will provide the right citations and attributions that will help users trace and access the source content. Several plugins and Graph connectors, including Web search powered by Bing, Microsoft Dataverse, Jira, Trello, Mural, Confluence, Freshworks and Priority Matrix and more are now available. Also, customers like KPMG, Air India and Avanade, among others, are developing custom plugins for their business needs, providing them with the benefits of Copilot for Microsoft 365 with their line-of-business applications for their users.

Plugins can be installed by users via the app store in Teams, Outlook and Microsoft365.com, and Graph connectors can be installed by IT from Microsoft 365 admin center.

New controls in Microsoft 365 admin center, now generally available, enable admins to discover and manage plugins for Microsoft Copilot, a set of tools that people help achieve more using AI.
Microsoft 365 admins can also now quickly and easily identify available plugins for Microsoft Copilot, enabled for users in the tenant, and set appropriate access policies for user activation. Independent software vendor (ISV) and internally developed apps with plugin capabilities are automatically highlighted for admin review. Plugin access controls are centrally managed and can be set by user, group and tenant wide.

Developers will be able to build plugins for Microsoft Copilot via Teams message extensions to extend Copilot for Microsoft 365.
Developers will be able to build or enhance Teams Message Extensions with Teams Toolkit for Visual Studio and Visual Studio Code and get plugins to extend Copilot for Microsoft 365. Message extensions must use manifest version 1.13 or above. Additionally, developers will be able to build Teams message extensions directly from APIs. API-based message extensions will extend Copilot in the future. This capability is in preview.

Copilot for Microsoft 365 developer sandbox is now available in private preview.
Copilot for Microsoft 365 developer sandbox SKU will enable developers to build and test plugins and Graph connectors in a non-production tenant environment. The SKU is in private preview and available for purchase by independent software vendors (ISVs) in the Microsoft 365 TAP program and Copilot for Microsoft 365 customers.

Microsoft 365 and Copilot program to publish apps and plugins for Microsoft 365 is available in preview in Partner Center.
Independent software vendors (ISVs) will be able to submit apps that include Copilot plugins and Graph connectors for Teams, Outlook and more to the new Microsoft 365 and Copilot program. Developers will be able to package plugins and Graph connectors into the same unified app manifest and publish their app to Partner Center. Upon app validation, these apps will be made available in Microsoft 365 admin center, where administrators can discover and enable for their users. Users can discover the apps and plugins through the app store in Teams, Outlook and Microsoft365.com.

Additional resources:

5.8.3. Introducing Copilot for Microsoft 365 admin in private preview

Microsoft Copilot for Microsoft 365 admin is a set of experiences that will harness the value of generative AI to boost Microsoft 365 admins’ productivity by streamlining daily work, so admins are empowered to focus on their strategic priorities, make faster decisions and maximize the value of their investments.

Copilot for Microsoft 365 admin is designed to help IT admins simplify their admin tasks, generate insights faster and get more out of Microsoft 365. Copilot can help admins navigate the vast array of tools, controls and configurations to quickly guide an admin to exactly where they need to go, offer up suggestions and guidance and simplify reporting and querying by surfacing information through natural language prompts – all in a seamless experience across Microsoft 365 admin center, specialized admin centers and more to meet admins where they are in the flow of work.

Copilot for Microsoft 365 admin for enterprise customers in the Microsoft 365 admin center, including Edge and Windows Update management service, Teams admin center, Exchange admin center and SharePoint admin center, is in private preview.

Additional resources:

5.8.4. Introducing Microsoft Copilot Studio

Microsoft Copilot Studio is an end-to-end conversational AI platform that empowers users to create and customize copilots using natural language or a graphical interface. Copilot Studio is the perfect companion for Microsoft Copilot for Microsoft 365, putting IT in control, while ensuring predictability of responses for key topics.

With Copilot Studio, users will be able to easily design, test and publish copilots that suit specific needs and preferences. Users will be able to leverage the power of generative AI to dynamically create multi-turn answers over data and dialogues that are engaging and relevant for users, and to add specific conversations for predictable scenarios that require authored responses and workflows, such as expense management, HR onboarding or IT services.

Copilot Studio will also enable users to link copilots with the broader Microsoft Conversational AI stack through integrations with Azure AI Studio and additional Azure services. This will allow users to access advanced features, like speech recognition, sentiment analysis, entity extraction and more, while having full visibility and control with built-in governance.

Copilot Studio will provide an intuitive and integrated design studio experience for makers. With plugin builder, makers will be able to create, manage and test plugins, including Power Platform connectors and Power Automate flows. With prompt builder, makers will be able to create custom prompts, including ones that leverage generative AI.

Copilot Studio will enable users to create impactful conversational AI experiences and drive business outcomes. Users can now leverage Copilot Studio to customize Copilot for Microsoft 365, included in the Copilot for Microsoft 365 license.

Additional resources:

5.9. Microsoft Viva

5.9.1. Viva and Microsoft 365 Chat integration, and Copilot in Viva updates

Microsoft Copilot for Microsoft 365 enhanced with Microsoft Viva will provide AI-powered assistance for employee experience. Copilot will work across Viva data and applications as a single interface to guide employees, managers and HR leaders with self-service insights and experiences such as understanding team health, setting new priorities with OKRs (Objectives and Key Results) or upskilling for career growth.

This new integration will be available for customers who have deployed both Copilot for Microsoft 365 and the Viva suite and will be in private preview early next year.

Additionally, updates to Copilot experiences in Viva apps will help organizations better understand and engage with their workforce to improve performance and include:

  • Copilot in Microsoft Viva Insights will enable leaders and their delegates to use natural language prompts to generate personalized, dynamic reports that answer questions about their teams and organization, and will simplify the query building process for analysts. This Copilot will be in preview early next year.
  • Copilot in Microsoft Viva Goals will enable users to easily generate and refine goals with conversational AI and from existing strategy documents, as well as summarize goal progress to share with and across teams. This Copilot will be in preview in December 2023.
  • Copilot in Microsoft Viva Engage will help inspire leaders and employees to post using AI-created conversation starters, prompts and images. It will also give leaders insight into employee sentiment, cultivate an environment of trust by tailoring and refining message tone and enhance the quality of questions being asked with suggested prompts. This Copilot will be in preview in January 2024.
  • Copilot in Microsoft Viva Learning will allow users to easily create structured learning collections, find the right learning resources and summarize learning content using conversational AI. This Copilot will be in private preview for joint Viva and SAP SuccessFactors customers by the end of 2023.
  • Copilot in Microsoft Viva Glint will enable leaders to summarize and analyze thousands of employee comments from employee engagement surveys and provide a fresh way to explore feedback by asking questions through natural language. This Copilot will be available for private preview in January 2024.

Additionally, see here for details around a new dashboard from Viva Insights that provides leaders and organizations visibility into Microsoft Copilot adoption and impact.

Additional resources:


5.10. Power Platform

5.10.1. New experiences for Copilot in Power Automate

Microsoft is announcing new Copilot experiences in Power Automate for developers and orchestrators. With these new releases, Copilot in Microsoft Power Automate will span process mining, API automation, robotic process automation (RPA) and orchestration.

These new experiences, in preview, will enable users to discover and create UI and API automation faster, while streamlining productivity and insights into how they are run and managed and include:

  • Using Copilot to assist with desktop flows: Copilot will be integrated into the Console and the Designer of Power Automate for desktop. Copilot will assist with desktop flows (RPA) by typing questions and getting relevant information and step-by-step instructions from documentation. Additionally, users will be able to generate scripts by describing what to do, and code will be automatically generated.
  • Using Copilot to analyze automation activity: Admins, Center of Excellence (CoE) teams and business users and makers with access to flow run histories will be able to query past runs in natural language across their environment.

Additional resources:

5.10.2. Power Apps continues to advance IT governance, Copilot and modern experiences in app development

Power Apps gives developers tools to rapidly build modern, high-performing AI-powered apps for enterprise. AI implementation through Copilot, prebuilt templates and drag-and-drop simplicity allow everyone to do more with less. Extensibility through integrations enables professional developers to build without limits. As part of Microsoft Power Platform, Power Apps benefits from advanced security and governance in place, making it easy to deploy and govern at massive scale.

New features and updates for Power Platform include:

Advanced governance features in Managed Environments for Power Platform

  • Groups and rules will empower IT admins to control their Power Platform environments at enterprise scale. Environment groups will allow admins to categorize their environments into group, and rule sets will allow admins to define a dedicated configuration for each of their environment groups. With groups and rules, admins will get more control with less effort. This feature is in limited preview, with preview planned for the end of the first quarter of 2024.
  • Advisor in Managed Environments for Power Platform will provide IT with proactive recommendations and inline actions to govern and secure the platform more easily. This will include recommendations to clean up unused apps, lock down over-shared apps and add owners to abandoned apps. This feature is in preview.

Features to further accelerate building of Copilot-enabled apps

  • Copilot for app users as sidecar is now ready for every user in the web player canvas app backed by Dataverse. Copilot will automatically work with the data in the app and provide users with insights and answers, without needing to set up from app makers. This is the easiest way to give the power of generative AI to users. This feature is coming to limited preview in mid-December and preview end of the first quarter of 2024.
  • Makers can now also greatly extend and customize Copilot for app users embedded in apps through Copilot control. Microsoft Copilot Studio interoperability enables extensive customization that brings capabilities of Copilot Studio into every Copilot-embedded app. This feature will be in preview in the first half of 2024.
  • For existing apps that are in managed environments and are missing their description, AI-generated app descriptions will be added automatically. For any new apps, when the makers are publishing, a draft of the app description will be presented for them. App descriptions will help end users find useful apps and IT admins understand their app landscape. This feature is in preview.

Making the creation of high-performing modern apps even easier

  • Mobile native UI/UX: Mobile Power Apps will have native UI/UXwith smoother animations, faster performance and modern mobile interaction patterns. The improved performance and modern functionality will bring efficiency gains to everyone running apps on mobile devices, especially those executing high-volume actions. This update is in preview.
  • With modern controls generally available and theming in canvas apps, makers will be able to easily create elegant, accessible, fast and reliable apps. This will cut down the need to write complicated files for usual scenarios and will accelerate development. This update is in preview.

Additional resources:

5.10.3. Power Virtual Agents is now part of Microsoft Copilot Studio

Introducing Microsoft Copilot Studio, built on the foundations of Power Virtual Agents and the broader Microsoft conversational AI ecosystem. Copilot Studio provides new ways to build copilots and extend Microsoft Copilot with the latest generative AI capabilities. With Power Virtual Agents capabilities joining Copilot Studio, the Power Virtual Agents name will no longer be used. Existing PVA customers will access the same capabilities, all within Microsoft Copilot Studio.

Additional resources:

5.11. Security Copilot

5.11.1. Microsoft Purview capabilities in Microsoft Security Copilot and embedding the Security Copilot experience in Microsoft Purview solutions

Microsoft Security Copilot will be embedded into Microsoft Purview. Data security admins receive an average of more than 50 alerts per day and can only get to fewer than 60 to 70 percent of them. Likewise, compliance admins spend 60 percent of their time reviewing evidence collected in review sets. Additionally, there is also a steep learning curve from entry-level analysts to expert-level analysts to assess and remediate risks.

With Security Copilot embedded in Purview, customers will be able to quickly generate a comprehensive summary of alerts and information to accelerate investigation and response, upskill talent via guided responses to navigate through information efficiently and use natural language to define search queries in eDiscovery to enable faster and more accurate search iterations by eliminating the need to use keyword query language. Embedded scenarios will be surfaced in Data Loss Prevention, Insider Risk Management and eDiscovery and Communication Compliance.

Additional resources:

5.11.2. Microsoft Security Copilot embedded experience in private preview

The Microsoft Security Copilot embedded experience, available in private preview, will allow IT admins and security analysts to use Microsoft Security Copilot within the Microsoft Intune admin center. Integrating insights and data from security and management tools, Security Copilot provides customized guidance through generative AI to address an organization’s specific requirements, like intelligent policy creation and deployment and faster, easier troubleshooting.

These new endpoint management and security capabilities will be available in Intune, joining the existing security incidence investigation and device security posture improvement experiences currently available in the Early Access Program for Security Copilot capabilities.

Additional resources:

5.11.3. New auditing capabilities within Microsoft Purview Audit for Copilot interactions

With this new feature, in preview, Microsoft Purview Audit consumers will be able to measure and track when users request assistance from Microsoft Copilot for Microsoft 365 and see the list of assets that were affected when responding to the request. These signals will enable security investigators to determine when content, such as files with sensitive data, were touched during a Copilot for Microsoft 365 interaction.

Additional resources:

5.11.4. Security Copilot coming to Microsoft Entra to assist in investigating risks, troubleshooting

Microsoft Security Copilot will also be embedded in Microsoft Entra to assist in investigating identity risks and helping with troubleshooting daily identity tasks, such as why a sign-in required multi-factor authentication. IT admins can ask about users, groups, sign-ins and permissions and instantly get a risk summary, steps to remediate and recommended guidance for each identity at risk, in natural language. Additionally, in Microsoft Entra ID Governance, admins can use Security Copilot to guide in the creation of a lifecycle workflow to streamline the process of creating and issuing user credentials and access rights.

Additional resources:

5.11.5. Security Copilot will deliver unified solutions across services, data

Security has always been a notoriously siloed and fragmented function – both from a technological and organizational point of view. Microsoft Security Copilot will help transcend technological and talent boundaries by delivering a unified, efficient and intuitive experience for all professionals that secure organizations, including identity management, device management, data security and compliance professionals.

With the addition of these new scenarios, all in private preview, Microsoft’s customers who rely on our industry-leading Microsoft Entra, Purview, Intune and Sentinel solutions will be able to integrate Security Copilot into their routine tasks and workflows and use Security Copilot to assist in many ways, including:

Identity management (Microsoft Entra): Entra skills are now available in Security Copilot to enable security analysts to discover high-risk users, overprivileged access and suspicious sign-ins that aid in a security incident investigation and assess potential risk.

Device management (Microsoft Intune): New features enable IT admins to generate device policies and simulate their outcomes, gather device information for forensics and configure devices with best practices from similar deployments.

Data protection and compliance (Microsoft Purview): New skills for data protection, compliance and risk management identify data impacted by incidents, generate a summary of data and user risks, analyze documents and surface risks of collusion, fraud and sabotage.

Cloud security posture management (Microsoft Defender EASM and Defender for Cloud): New skills for posture management simplify external attack surface risk assessment and enable security admins to manage cloud security posture more efficiently. Security admins can quickly discover potential attack paths using natural language queries, get mitigation guidance for proactive prevention of threats and receive automatic notification for resource owners.

Embedded experience in the unified SIEM+XDR UX (Microsoft Defender XDR and Microsoft Sentinel): For the first time, the generative AI capabilities of Security Copilot are available in Microsoft’s unified experience across the award-winning Microsoft Defender XDR and Sentinel solutions, accelerating incident response with guided investigation, rapid aggregation of evidence across numerous data sources and advanced capabilities such as malware analysis.

Additional resources:

A woman sits on a couch working on a laptop.

6. Power Platform 6.1. Power Platform

6.1.1. Payment processing in Power Pages in preview

Payment processing integration, now in preview in Microsoft Power Pages, will enable makers to easily embed payment processing directly into their websites.

Payment processing platforms power online payment processing and commerce solutions. This unlocks a new use case for Power Pages – building websites that support payment processing – as makers will be able to use Power Pages to develop websites that accept payment from customers. For example, state and local governments will be able to process licensing fees, application fees and permitting fee payments through their Power Pages websites.

Additional resources:

Two people work in an office, with one person working on a laptop with two external monitors.

7. Security 7.1. Defender

7.1.1. Microsoft updates help evolve the Security Operations Center experience

Several key updates across Microsoft’s suite of security solutions are designed to help Security Operations Center (SOC) professionals operate more efficiently and better protect their assets and data. These updates include:

Announcing Microsoft Defender XDR: Microsoft Defender 365 is now Microsoft Defender XDR. The new name best represents Microsoft’s extended detection and response (XDR) capabilities that span beyond products included in the Microsoft 365 suite. The native security solutions protect devices across Windows, Linux, macOS, Android and iOS, as well as multicloud environments spanning Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). This update is generally available.

Microsoft Defender XDR and Microsoft Sentinel combine as a unified security operations platform: The unification of Defender XDR and Sentinel into a single, powerful user experience along with the addition of Microsoft Security Copilot generative AI will change how customers manage their security operations and protect their assets and data. Customers will have a high level of efficiency and ease of use with a single experience for their security operations tools. This will mean less clicking, less context switching and less training for more robust insights. With the integration of cutting-edge AI and automation technologies, defenders will be able to level up their skills with guided response across first- and third-party data sets. This update is in private preview.

Embedded Microsoft Security Copilot: Customers using the unified SOC platform will be able to access the benefits of an embedded generative AI tool that will help analysts to level up their security information and event management (SIEM) and XDR skills. Security Copilot will help by using natural language to write keyword query language (KQL) queries, understand malicious scripts, create incident summaries and provide support throughout the investigation and remediation process. This update is in early access.

Optimize data in the SIEM with SOC optimizations: This new feature will support SOCs in ensuring they are maximizing the value of the data they are ingesting into Sentinel with recommendations that will help them to save money, improve coverage and better secure themselves against specific threats. This feature is in private preview.

Improved response to user assets and cloud workloads: Integration of cloud workload alerts, signals and asset information from Microsoft Defender Cloud into the industry-leading XDR platform will help security teams combat cross-domain attacks more effectively. This powerful integration will provide SOC analysts with a holistic view, spanning workspace and cloud infrastructure, plus rich contextual insights to uncover the entire attack story in a single incident. This will protect organizations against advanced attacks with efficiency and speed. This update is in preview.

Auto-deployed decoys: Will provide early-stage, high-fidelity signals that force adversaries to be correct 100 percent of the time with built-in deception techniques harnessing Microsoft Defender for Endpoint’s unique visibility into organizations and OpenAI’s GPT-4 generative AI model. Users will be able to automatically generate and disperse decoys and lures at scale that resemble real users and assets in the organization. This will allow SOC teams to detect and focus on attacks even more effectively. This update is in preview.

Protection of AI apps within an organization: A set of new capabilities across Microsoft Defender and Microsoft Purview will help defenders securely prepare for the new wave of AI and empower their organizations, while keeping their data and other assets secure. Microsoft Defender for Cloud Apps will extend its discovery capabilities to support over 400 large language model apps. Additionally, Purview Data Loss Prevention will help organizations create policies that prevent their users from pasting sensitive data to specific websites. This update is in preview.

Additional resources:

7.1.2. New features for Microsoft Defender for Cloud

Microsoft Defender for Cloud helps organizations protect multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime. Several key updates will help security admins adopt a comprehensive cloud-native application protection strategy and improve security posture across multicloud environments and DevOps platforms and include:

  • Unify identity and access permissions insights to improve cloud security posture through integration with Microsoft Entra Permissions Management: Security admins will get a centralized view of Permissions Creep Index, drive least privilege access controls for cloud resources and get proactive attack path analysis that connect the dots between access permissions to other potential vulnerabilities across Azure, Amazon Web Services (AWS) and Google Cloud. This update is in preview.
  • DevOps security insights across GitHub, Azure DevOps and GitLab: Security admins will get deep visibility into their application security posture across GitHub, Azure DevOps and GitLab within Defender for Cloud now in preview. In addition to GitHub Advanced Security and GitHub Advanced Security for Azure DevOps, with the preview of the GitLab Ultimate integration, Defender for Cloud will now support the three major developer platforms.
  • Improved container security across multicloud environments: Security admins will be able to get ahead of containerized application risks and prioritize misconfigurations and exposures in their Kubernetes deployments with the expansion of Defender Cloud Security Posture Management’s (CSPM) contextual graph-based capabilities to Amazon Elastic Kubernetes Service (Amazon EKS) and Google Kubernetes Engine (GKE) clusters. This update will be in preview soon.
  • Enable proactive attack path analysis across clouds and faster risk mitigation: Security admins will be able to reduce recommendation fatigue and efficiently remediate critical risks with a risk-based recommendation enhanced attack path analysis engine to identify and prioritize remediation of more complex risks such as cross-cloud attack paths. New code-to-cloud mapping will also enable security admins to rapidly accelerate the time and effort to address critical security flaws right in the code itself. Additionally, the new ServiceNow integration will enable admins to use their existing system to automate or drive mitigation of risks. This update is in preview.
  • Improved API security posture: With the general availability of Defender for APIs plan in Defender for Cloud, security admins can gain visibility of business-critical APIs, prioritize vulnerability fixes and quickly detect active real-time threats for APIs published in Azure API Management. New preview capabilities targeting sensitive data classification powered by Microsoft Purview and curated attack paths will help security admins further safeguard data from API risks.
  • Microsoft Security Copilot in Defender for Cloud: Security admins will be able to gain efficiency in discovering and remediating risks with the power of AI-generated guidance. Security admins will be able to easily identify risks and vulnerabilities across their cloud environment using natural language questions. This feature is in private preview.

Additional resources:

7.2. Entra

7.2.1. Microsoft Entra Permissions Management adding more integrations

The integration of Microsoft Entra Permissions Management with Microsoft Defender for Cloud (MDC), now in preview, will provide an efficient way to consolidate insights into other cloud security posture information on a single interface. Customers will receive actionable recommendations for addressing permissions risks in the MDC dashboard and gain a centralized view of the Permissions Creep Index, facilitating the enforcement of least privilege access for cloud resources across Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP).

Another integration is with ServiceNow, one of the most popular IT Service Management (ITSM) solutions. Through this integration, customers can request time-bound, on-demand permissions for multicloud environments, such as Azure, AWS and GCP, via the ServiceNow portal. This integration helps organizations enhance their Zero Trust posture by enforcing the principle of least privilege for multicloud permissions and streamlines access permission requests within existing approval workflows.

These updates are now generally available.

Additional resources:

7.2.2. Microsoft’s Security Service Edge expands Internet Access and Private Access preview

Microsoft’s Security Service Edge (SSE) solution secures access to any app or resource from anywhere and includes Microsoft Entra Internet Access (Internet Access) and Microsoft Entra Private Access (Private Access). Internet Access will expand its preview to include context-aware Secure Web Gateway (SWG) capabilities for all internet apps and resources. The extended preview of capabilities for Private Access will help make Private Access fully ready for traditional VPN replacement.

Internet Access capabilities, coming soon to preview, include:

  • Universal Conditional Access for any internet endpoint from managed devices and networks. By managing all access policies in one place, users will be able to extend adaptive access controls universally to rely on Conditional Access to any network destination, like an external website or non-federated SaaS applications – without the need to change these applications.
  • Token theft protection for Entra ID apps through compliant network check-in Conditional Access. With this control, users will be able to protect Entra-integrated cloud applications against token theft and ensure users do not bypass network security policies specific to their tenant while accessing critical cloud services.
  • Source IP restoration in Identity Protection and Conditional Access location policies. Internet Access will offer differentiated backward compatibility of trusted location checks in Conditional Access and continuous access evaluation, identity risk detection and logging, by ensuring the users’ original source IP is maintained.
  • Context aware SWG will restrict user access to unsafe and non-compliant content with web content filtering (URL, FQDN, web category) and make internet filtering policies more succinct, readable and comprehensive by leveraging the rich user, device and location awareness of Conditional Access.
  • Improved security, visibility and user experience for Microsoft 365 will include data exfiltration protection through universal tenant restriction and prevents anonymous access for Microsoft Teams and SharePoint. This capability will provide great performance and resiliency for Microsoft 365 applications and flexible deployment options for Microsoft 365 scenarios with third-party SSE vendors.

Private Access capabilities, in preview, include:

  • VPN replacement: Extended protocol support for private app access and, in addition to Transmission Control Protocol (TCP), User Datagram Protocol (UDP) support along with private Domain Name System (DNS) support will be provided. These enhancements will enable customers to seamlessly transition from their traditional Virtual Private Network (VPN) deployments to a fully ready, identity-centric Zero Trust Network Access (ZTNA) solution.
  • Multifactor authentication (MFA) to all on-premises apps: Private Access will provide Conditional Access controls and modern authentication methods, such as MFA, to secure access to all private applications and resources. This will apply to any application, located anywhere, for both remote and on-premises users.

Both Internet Access and Private Access have cross-OS clients (Windows, Android, MacOS, iOS) and increased global presence with more points of presence (POPs).

Additional resources:

7.2.3. Updates for Microsoft Entra ID now generally available

Microsoft Entra ID is an identity and access management solution that connects employees, customers and partners to their apps, devices and data for hybrid and multicloud environments. The following updates are now generally available.

Microsoft managed Conditional Access policies: Microsoft will begin to automatically enroll customers into Conditional Access policies based on their risk signals, current usage and licensing. The policies will enhance the security posture and reduce the complexity of managing Conditional Access.

Microsoft Entra Certificate-Based Authentication (CBA): Microsoft Entra CBA now offers several new features to improve the security posture of customers. These enhancements enable customers to customize authentication policies based on certificates, resource type and user group. Customers now have more control and flexibility to choose certificate strength for different users, combine CBA with other methods for multifactor or step-up authentication and configure authentication strength either tenant wide or by user group.

In addition, in early 2024, Microsoft Entra ID users will be able to sign in with passkeys managed by the Microsoft Authenticator app. By using passkeys, customers will have an additional phishing-resistant credential based on open standards and will ensure access to the latest security enhancements that will be added to the FIDO standard in the coming years.

Additional resources:

7.3. Purview

7.3.1. Enriched, high-fidelity security alerts to empower data security teams in preview

Several key updates, now in preview, will help data security teams manage critical insider risks and include:

Enrich DLP incident management with insider risk insights: Traditional Data Loss Prevention (DLP) solutions generate alerts when certain conditions are met, such as when a user copies confidential files to a USB device. However, these alerts typically only highlight the specific incident and files impacted, without providing context about where the files originated or what other actions the user took.

With a new feature powered by Insider Risk Management, DLP alerts will be enriched with user context, allowing DLP analysts and security operations center (SOC) analysts, with appropriate permissions, to see a summary of past user activities that may have led to potential data security incidents. This is all part of the incident management experience in Microsoft Purview and Microsoft Defender.

For example, with this feature, the abovementioned DLP alert will now contain a summary of the critical sequence of actions taken by the user, showing that they downloaded confidential files from SharePoint, downgraded the sensitivity label and compressed the files into a zip file before exfiltrating them to the USB device. With this context, analysts will be able to better understand the user’s intent and determine whether they were trying to exfiltrate sensitive data while evading detection. This feature will help analysts gain a better understanding of a DLP incident and make faster, more informed decisions on how to respond to potential incidents.

Support administrative units in Insider Risk Management: Different departments or geographic locations may have varying policies or preferences for managing insider risks. Regional regulations may also necessitate distinct designs or processes for implementing insider risk programs. To accommodate these needs, Insider Risk Management will support administrative units. This feature will allow admins with the appropriate permissions to subdivide the organization into smaller units and assign specific admins or role groups to manage only the members of those units. For instance, German insider risk admins can create and manage policies exclusively for German users, while German insider risk investigators can investigate alerts and activities solely from German users.

Get more high-fidelity alerts with recommended policy tuning: When instruments are finely tuned, music can be played smoothly. Similarly, data security solutions can be more effective and powerful when policy configurations are optimized. However, reaching an optimal stage can be time-consuming, as admins may need to experiment with different configurations, and each iteration can take several days to yield results. To address this challenge, Insider Risk Management will provide recommendations and sensitivity analysis to help admins set policy thresholds for certain user activities based on real-time analytics. This feature will save security teams time in fine-tuning policies and enable them to receive an optimal volume of high-fidelity alerts more quickly.

Additional resources:

7.3.2. Incident investigation, eDiscovery capabilities added to Microsoft Purview

With Microsoft Purview eDiscovery incident investigation experience, users can accelerate incident investigations by harnessing incident parameters to know where to look for the exact evidence required to assess and mitigate incident risk.

Users will be able to explore incident insights to further understand blast radius and risk levels, mitigate incidents with comprehensive actions to expand the investigation, invite collaboration with investigation stakeholders and manage the evidence to resolve the investigation. This feature is in preview.

With the integration of Microsoft Security Copilot into eDiscovery, users will be able to set natural, language-based queries to find and collect potentially relevant content for investigations. This will ease the burden of using complex queries to search and find content, help identify the relevant source locations and simplify the time-consuming validation of search criteria and results. The power of Copilot will be used to summarize threads, files and content sets within an investigation. Users will be able to act based on the extracted insights to further accelerate the pace of investigation and review. This feature is in preview.

Additional resources:

7.3.3. New capabilities in Purview Data Loss Prevention

Microsoft Purview Data Loss Prevention (DLP) is a cloud-native solution that proactively prevents accidental or unauthorized loss of sensitive data across apps, services and devices.

Several new capabilities in Purview DLP will help organizations comprehensively protect sensitive data loss, including expanding protections across Microsoft and non-Microsoft platforms, providing additional protection capabilities, as well as additional features that can help DLP and Security Operations Center (SOC) admins be efficient in their day-to-day tasks.

These updates fall under several categories:

Expanding the breadth of protection

  • DLP support for Windows on Arm will let customers extend Microsoft Endpoint DLP policies and actions to endpoints running Windows on Arm. This will allow them to detect and protect sensitive data in files within their digital ecosystem. This update is in preview.
  • Enhancement of DLP capabilities on macOS endpoints, including the ability to create groups of printers, USBs, network shares and sensitive service domains and apply different restrictions to each group, with the ability to apply the most restrictive action against multiple DLP rules. This update is generally available.

Expanding the depth of protection

  • Just-in-time protection for endpoint DLP that restricts activity at the time of egress is generally available.
  • Performance improvements for enforcing restrictions on sensitive content shared over Microsoft Teams Chat are generally available.

Empowering admins to be efficient

  • Enriching DLP alerts with user insights from Purview Insider Risk Management will bring in the user context within the DLP alert for efficient investigations. This update is in preview.
  • The ability to store original files, resulting in a DLP policy match as evidence for investigations. This update is in preview.
  • Richer filter for DLP alerts in Microsoft 365 Defender, including file name, file path and latency, helping admins get more out of the alerts. This update is in preview.
  • Simulation mode for DLP policies to enable admins to try a Microsoft Purview DLP policy, assess its impact and fine-tune the policy as required in an isolated environment. This will help admins build confidence in the configuration of the policy and reduce the policy enforcement time. This update is in preview.
  • DLP recommendations for highlighting current risks in the organization’s environment, quick policy setup to mitigate the risk and policy fine-tuning to make existing policies better and reduce noise. This update is generally available.
  • Support for admin units for DLP alerts in Microsoft 365 Defender is generally available.

Additional resources:

7.3.4. New features for Microsoft Communication Compliance

Microsoft is introducing cutting-edge AI and Microsoft Security Copilot capabilities to bolster Microsoft Communication Compliance. These advanced features will leverage AI and Security Copilot technology to improve the detection and management of compliance issues in communication. This marks a significant step forward in ensuring organizations can harness the power of AI to maintain secure, productive and accountable communication while staying compliant with regulations. These updates include:

  • Communication Compliance document and alert summaries with Security Copilot: This embedded Copilot experience will simplify communication policy matches, offering contextual summaries, conversation evaluation, risk network identification and intelligent triage. This combination will enhance data security and compliance measures for organizations. This update is in private preview.
  • Microsoft Teams compliant meetings: Users can leverage voice-to-text machine learning to convert Teams meeting recordings to text, analyze transcripts for potential risky content and display video snippets of policy matches to facilitate triage. This update is generally available.
  • Microsoft Viva Engage message reporting: Microsoft Viva Engage users are empowered to report inappropriate or concerning posts and comments within Viva Engage conversations. Reported messages then get triaged within Communication Compliance. This update is generally available.
  • Next-generation business conduct detection: Using Azure AI Content Safety, new detections are being added to Communication Compliance that will enable teams to build safer online environments by detecting potential violence, hate, sexual and self-harm content, then assigning severity scores to unsafe text across languages. These classifiers are built using large language models. This update is in preview.

Additional resources:

7.3.5. New features in Purview Information Protection now generally available

Microsoft Purview Information Protection helps organizations understand what data is sensitive and business critical and then how manage and protect it. New features that are now generally available include:

New contextual predicates in service-side auto-labeling: This is a novel way of auto-classification based on document properties, such as the type of file (file extension), size, who the document was created by and if the document name contains certain words or phrases. This enables organizations to intelligently discover and label groups of documents which, according to these contextual predicates, may contain sensitive data.

Auto labeling (for files at rest in SharePoint Online) can now label PDF files: Auto labeling for files at rest in SharePoint Online will automatically start labeling PDF files, a widely used file type, in addition to currently supported Word, Excel and PowerPoint files.

Application of a default sensitivity label for a SharePoint document library: With this update, all newly uploaded documents to a document library can inherit the configured label for the document library (if not already labeled). All documents, either newly created or modified, in that library will be automatically assigned with that library’s label. Site default labels allow users to protect all documents because the library itself is sensitive – without needing to define classification policies.

Secure collaboration on labeled and encrypted documents with user-defined permissions: With user-defined permissions, document owners no longer need admins to create special labels for their highly confidential documents. Instead, they can specify the permissions themselves by applying user-defined permissions (UDP) labels on files. UDP-labeled files in SharePoint support co-authoring. This capability is very popular with C-Suite users and users working on tented projects who need to limit access to highly confidential documents to a small set of explicitly authorized individuals that they select.

Sensitivity labels to protect Microsoft Teams shared channels: This release is about safeguarding the confidentiality of Teams channels by enabling users to discover private teams that they weren’t able to previously view and/or join. Shared channel access controls enable users to apply settings, such as internal only, same team only or private team only on shared channels to better secure confidential information.

Microsoft Fabric support for sensitivity labels: Fabric support for sensitivity labels follow the data automatically as it flows from the lakehouse to Power BI reports, Microsoft 365 files and other assets business users rely on every day, for end-to-end, comprehensive protection.

Configure policy tips as popups for labeled emails and attachments: Admins can now configure data loss protection (DLP) rules that display warnings in pop-up dialogs before users send emails. This makes it more difficult for users to inadvertently overshare or send emails to external users who aren’t authorized according to their organization’s policies. Admins can set up rules to provide warnings only, block actions entirely, require business justification or request explicit acknowledgements before sending emails.

Double-key encryption to protect sensitive files and emails in Microsoft 365 apps on Windows: To protect the most sensitive content, users of Microsoft 365 apps can now use Double Key Encryption (DKE) for files and emails with built-in labeling in Office. With DKE, Microsoft stores one key in Microsoft Azure and the user holds the other key, so that only the user can ever decrypt protected content. Sensitivity labels configured with DKE in Purview Compliance portal are now available for users in Word, Excel, PowerPoint and Outlook to publish or consume content protected with DKE.

Tracking and revocation in Compliance portal: The tracking and revocation feature enables users to check who has tried accessing their sensitivity labeled and encrypted Office files and revoke access when needed.

In addition, users will be able to extend sensitivity labels to assets in Azure, now in gated preview. With Purview, users will be able to extend the reach of Information Protection sensitivity labels and the value from built-in sensitive information types to a much broader set of data locations and data types. Users will be able to work with existing sensitivity labels or create new ones via the Purview compliance portal to extend security and compliance intent to data assets in Azure.

Additional resources:

7.3.6. Secure data in the AI era with Microsoft Purview

Microsoft Purview can help secure data in AI and help organizations adopt AI, including Microsoft Copilots and non-Microsoft AI applications. These capabilities can provide organizations:

  • Visibility into the risks associated with sensitive data usage and user activity context in AI applications in their environment.
  • Comprehensive protection with ready-to-use policies to prevent sensitive data loss in AI.
  • Compliance controls to help easily meet business and regulatory requirements and detect code of conduct and business violations.

Purview capabilities will be integrated with Microsoft Copilots, starting with Microsoft Copilot for Microsoft 365 integrations, which are now generally available. With Copilot for Microsoft 365 customers will be able to:

  • Discover data security risks, including sensitive data shared with Copilot and risky use of Copilot.
  • See Copilot honoring Purview Information Protection sensitivity label access restrictions, inheriting sensitivity labels from referenced files and citing sensitivity labels in responses.
  • Capture Copilot prompts and responses as evidence in Purview Audit.
  • Run content search in Purview eDiscovery.
  • Manage retention and deletion policies for Copilot prompts and responses in Purview Data Lifecycle Management.
  • Detect business and code of conduct violation in Copilot prompts and responses in Purview Communication Compliance.

Additional resources:

7.3.7. Unified Microsoft Purview portal expands sphere of protection

Organizations must manage multiple solutions to help discover, protect and detect risks surrounding their most sensitive data. To help change the way organizations secure their data, Microsoft Purview is providing one unified Microsoft Purview portal, now in private preview, with these additional features:

Data visibility across all environments: Purview is expanding horizons and enabling visibility of sensitive data beyond Microsoft and into other clouds and applications, making it easier to track and store in a safe place.

Lifecycle protection: Organizations will be able to apply labels on sensitive data – just like they do for applications like Microsoft Outlook or Teams – but will be able to do so in databases, like SQL or other clouds like Amazon S3. This ensures the labels and sensitive information types can transfer across environments, ensuring a unified layer of protection.

Multicloud detection in Insider Risk Management: Data doesn’t move itself, it’s people who move and interact with data, and that’s where the majority of data security risks stem from. As users within organizations use multiple applications and cloud services in their day-to-day work, security teams must comprehend the risks associated with these user activities that may lead to potential data security incidents. Insider Risk Management will add detections in clouds like Azure and Amazon Web Services (AWS), as well as in applications like Box, Dropbox, Google Drive and GitHub. Admins will be able to incorporate these multicloud detections in their data leak and data theft playbooks, making the insights more comprehensive.

Additional resources:

A woman sits outside by a wooden fence working on a Surface tablet.

8. Windows 8.1. Windows Commercial & Enterprise

8.1.1. New features coming to Windows 365 and Azure Virtual Desktop

A host of new features for Windows 365 and Azure Virtual Desktop include:

  • Windows App, in preview, will be the place to connect to any devices or applications across Windows 365, Azure Virtual Desktop, Remote Desktop, Remote Desktop Services, Microsoft Dev Box and more.
  • Windows 365 GPU support, in preview, will make it ideal for workloads, such as graphic design, image and video rendering, 3D modeling, data processing and visualization applications.
  • Windows 365 AI capabilities will help customers reduce costs, increase efficiency and further simplify security and management of Windows 365 Cloud PCs. One example will be applying AI to assess Cloud PC deployment and utilization to provide recommendations to help organizations better forecast and right-size their Cloud PC investment. This capability will be in preview in the coming months.
  • Azure Virtual Desktop Autoscale for personal desktops is the Azure Virtual Desktop native scaling solution that automatically starts session host virtual machines (VMs) according to schedule or using Start VM on Connect. It then deallocates or hibernates session host VMs based on the user session state (log off/disconnect). The deallocating capability is now generally available, and hibernating session host VMs is in preview.
  • Single-sign on (SSO) and passwordless authentication support for both Windows 365 and Azure Virtual Desktop is now generally available for Azure Virtual Desktop and Windows 365, along with third-party identity provider (IDP) support. Microsoft is also actively working on enabling the same capabilities for Azure Virtual Desktop approved providers.
  • Windows 365 Customer Lockbox, in preview, will ensure that Microsoft support engineers can’t access content to do service operations without explicit approval.
  • Windows 365 Custom Managed Keys will allow organizations to encrypt their Windows 365 Cloud PC disks utilizing their own encryption keys. This feature will be in preview soon.
  • Watermarking, screen capture protection and tamper protection support for both Windows 365 and Azure Virtual Desktop are now generally available, protecting against unauthorized access and manipulation of data, keeping sensitive information protected and maintaining organizational data integrity.

Additional resources:

8.1.2. Universal Print moves function to the cloud

The last workload to move to the cloud is print. Universal Print delivers a complete service integrated with all of Microsoft 365 and Windows 365 to simplify print for employees and IT professionals.

With the added support for MacOS endpoints and an easy-to-use pull print functionality, in preview, employees will be able to securely and conveniently print on any corporate printer from anywhere and from any device. Now in preview, MacOS devices are fully supported through Universal Print. Users can print from any device or walk up to any corporate printer and securely release their print job, without having to choose the printer.

Additional resources:

8.1.3. Windows Autopatch simplifies and automates update management for Windows

Microsoft is extending Windows Autopatch to PCs for frontline workers by adding Autopatch to the Microsoft 365 F3+ subscription. This long-awaited extension of the update management service is now generally available.

In addition, Windows Autopatch will become the unifying Windows update management solution for enterprise customers. The single solution for enterprise update management can be used as a fully automated managed service to deliver the highest cost savings, allowing customers to reallocate resources to higher-value areas. Used from within Microsoft Intune, Windows Autopatch becomes a do-it-yourself, partially automated service that delivers a high level of control. Windows Autopatch is the solution to update and upgrade Windows devices, Microsoft 365 apps, Microsoft Teams and Microsoft Edge. Over time, Windows Update for Business deployment service will merge into the single service for enterprise customers.

Finally, Microsoft is adding firmware and driver update management granular controls to Windows Autopatch. This feature is now in private preview.

Additional resources:

8.2. Windows Developer

8.2.1. Introducing Windows AI Studio and new features for Dev Home and WSL

Windows AI Studio for developers will simplify generative AI application development, bringing together cutting-edge AI tools and a model catalog. This will enable developers to fine-tune, customize and deploy small language models (SLMs) for local use in their Windows applications – all in one place.

Windows AI Studio, available in the coming weeks, will give developers greater choice to either run their models on the cloud on Azure or on the edge locally on Windows to meet their needs. And soon, Windows AI Studio will include prompt flow capabilities for prompt orchestration.

Dev Home with Azure Dev Ops (ADO) integration is now available in preview. Dev Home in Windows is a new feature that will help customers onboard new team members and projects faster through WinGet Configuration, in addition to managing projects and daily tasks with a customizable dashboard. An ADO extension, now available for Dev Home, helps enterprise developers easily clone their Azure repositories in Dev Home, manage ADO projects and stay on top of queries and relevant tasks from Dev Home.

Windows Subsystem for Linux (WSL) has three new features targeted at enterprise-use cases that are generally available and include:

  • A new plugin for WSL, released by Microsoft Defender for Endpoint, which enables security teams to continuously monitor for events in all running distributions – delivering clear visibility into systems once considered a critical blind spot.
  • New integrations with Microsoft Intune, which lets admins control access to WSL and its key security settings.
  • Networking improvements that add additional security by enforcing the firewall rules on Windows to affect the WSL distributions and improved compatibility with VPNs and proxies in a corporate environment.

Additional resources: