AI has changed how—and where—work happens. Many of today's security risks occur inside the browser, where traditional controls can fall short. At RSAC 2026, we're highlighting strengthened Edge for Business capabilities designed to secure AI usage and protect sensitive data on the web—all with the signature Edge for Business approach to natively integrate protections, so you get more security with less effort.Here's a look at what's new: Prevent data leaks from shadow AI – without banning AI AI browsing, safe for work on day 1 Protect data in Outlook on the web Your security stack connects with Edge for Business – now with more partners and platforms Edge for Business is an industry-leading secure enterprise browserPrevent data leaks from shadow AI – without banning AIToday, information workers are bringing their own consumer GenAI tools into the workplace, creating a new challenge for organizations: shadow AI.Like shadow IT before it, shadow AI introduces data exfiltration risks—but with higher stakes. When employees type or upload sensitive information into consumer AI tools, that data can be retained or used to train models, increasing the risk of downstream IP loss and long‑term data exposure. Shadow AI protection gives organizations control over how AI is used, so sensitive enterprise data isn't submitted to unsanctioned consumer AI tools—without blocking AI outright.Last year, we announced inline protection from Purview, bringing protection for AI prompts to Edge for Business, starting with select AI tools supported. Today, we're happy to announce a broader list of supported AI tools, which you can view here.With this, AI prompts and file uploads can be audited or blocked using inline data loss prevention powered by Purview. Prompts are analyzed in real time, and when sensitive data is detected, the action is audited or blocked immediately.When a prompt is blocked, the user receives a clear, policy-based notification explaining that the action is restricted by organizational policy. It also includes a button to redirect the user and sends the prompt over to Microsoft 365 Copilot instead—where enterprise data protection applies, including compliance boundaries, tenant isolation, and excluding data from model training.Edge for Business settings also prevent users from bypassing controls by switching browsers. Since these protections are built right into Edge for Business, whether a device is managed or unmanaged, protections apply as long as users are signed into Edge for Business with their Entra ID.For IT and security teams, this means risky AI behavior is stopped, while allowing users to safely adopt AI tools. Productivity stays high, and sensitive data stays protected.Prompt-level data protections in Purview are generally available. Licensing information is available here.https://www.youtube.com/watch?v=JIDs57MAXOoAI browsing, safe for work on day 1At Ignite, we announced Edge for Business as the world's first secure enterprise AI browser, evolving Microsoft 365 Copilot in the browser with new contextual and agentic experiences such as Agent Mode, multi-tab reasoning, and YouTube summarization.With this evolution, Copilot in Edge for Business is designed to take on more complex, context-rich work—while continuing to operate within enterprise boundaries defined by IT. These experiences help people move faster and stay focused, while protecting sensitive data.Agent Mode will introduce agentic AI to the browser by automating multi-step workflows and reducing repetitive tasks, so users can focus on more high value work. Multi-tab reasoning helps users cut through information sprawl and manual work by analyzing content across up to 30 open tabs—spanning websites, PDFs, and Microsoft 365 apps—to surface insights in one place. And YouTube summarization allows users to quickly get the key takeaways from video content without watching entire clips, saving time and keeping focus on work that matters.Enterprise grade protections are foundational to how AI works in Edge for Business and are built in from day one. First, existing data protections that organizations have already configured—such as data loss prevention (DLP)—automatically apply to contextual and agentic browsing experiences, including multi-tab reasoning and Agent Mode. In other words, the same browser DLP policies used today are enforced when Copilot accesses and uses data during AI powered browsing.Next, advanced AI browsing features include their own individual controls, giving IT teams the ability to manage access as new capabilities are introduced. This allows organizations to enable advanced AI experiences purposefully, in alignment with their security and governance requirements.Finally, Agent Mode introduces an additional layer of purpose-built controls designed specifically for more autonomous, multi-step workflows. Agent Mode is enabled by IT, constrained to IT-approved sites, and designed with transparency for end users. Visual indicators show when agentic actions are occurring, users can pause or stop tasks at any time, and Agent Mode does not have access to saved passwords or payment methods. Together, these controls ensure that as AI becomes more capable, trust, visibility, and control remain firmly in place.Multi-tab reasoning and YouTube summarization are currently rolling out in general availability and can be configured through the Edge management service. Stay tuned for more information about Agent Mode coming soon.https://www.youtube.com/watch?v=xPy0Q3iDZDAProtect data in Outlook on the webIn the past, sensitive documents would lose protection when accessed in the browser, enabling users to bypass sensitivity labels and increasing compliance risk. Previously, users could copy, print, and take screenshots of protected emails, which is a costly compliance gap when many users rely on the browser to check email.Now, Microsoft Purview Information Protection enforces label based restrictions in Outlook on the web when users are accessing it through Edge for Business. This extends the same protections already available in Word, Excel, and PowerPoint Online.When a user opens an email with a sensitivity label, Edge for Business enforces: Copy protection: Content cannot be copied to clipboard Screenshot blocking: The browser window turns into a black screen during capture attempts Print restrictions: Printing is blocked per label policyThese protections are exclusively available in Edge for Business with a Microsoft 365 E5 license and require no additional label configuration, honoring the sensitivity labels already defined in Microsoft Purview. To enable enforcement, turn on "Protect labeled content in Microsoft 365 online" in the Edge management service.https://www.youtube.com/watch?v=uieXW27cQbQYour security stack connects with Edge for Business – now with more partners and platformsFor organizations invested in security platforms outside of Microsoft, Edge for Business can still be used to enable secure enterprise browsing without abandoning existing tools or duplicating controls. Edge for Business extends your security investments directly into the browser through the security connector framework, allowing organizations to integrate their tools of choice to gain visibility, enforce policy, and preserve consistent protections within Edge—without adding another isolated control plane.The security connector framework includes connectors across device trust, data loss prevention, and reporting. Today we're excited to announce the availability of additional partners: Clever, Devicie, and Trellix. The result is continuity, not compromise: the security controls you already use, applied to browser‑based work, so your existing investments continue to deliver value. Clever streamlines logins in the education space by recognizing trusted devices in Edge for Business. When a device is trusted, students and staff can log in without needing to complete Classroom multi-factor authentication. Devicie extends visibility into Edge for Business by bringing telemetry, such as extension insights and security events, into the Devicie console. This helps admins reduce risk from unauthorized or high‑risk extensions and automate response actions through Devicie's policy framework. Trellix secures sensitive data by applying DLP endpoint policies to inspect for sensitive content within Edge for Business.Reporting Connector for Mobile – We've heard your requests for visibility into browsing events on mobile devices. We're proud to share that support for reporting connectors on iOS and Android will be coming in the next few months.The Clever connector is available in preview – sign up here. The Devicie and Trellix connectors are now generally available. Configure them in the Edge management service here.Edge for Business is an industry-leading secure enterprise browserIn case you missed it, Microsoft was recognized as a Leader in the IDC MarketScape: Worldwide Application Streaming and Enterprise Browsers 2025 Vendor Assessment (doc #US53004525e, July 2025). We believe this recognition underscores our mission to build the best browser for business, by delivering a secure enterprise browsing experience that's built for the modern enterprise. Read the full excerpt here.As AI and web‑based work accelerate, the browser has become a critical security boundary. With Edge for Business, organizations can secure AI usage, protect sensitive data, and extend trusted security tools—at the place where work happens.