What's new in Microsoft Purview

Whether it's adding new solutions, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft Purview helps you stay on top of the ever-changing data governance, data security, and risk and compliance areas. Take a look at the following information to see what's new in Microsoft Purview.

What's planned for Microsoft Purview

Microsoft Purview continues to add new solutions and features to help with data governance, data security, and risk and compliance in your organization. Check out the following roadmap sites to learn more about what's planned for Microsoft Purview:

  • Roadmap for data governance solutions.
  • Roadmap for data security and risk and compliance solutions.

July 2026

Data Loss Prevention

  • In preview: Protect sensitive data in text and prompts by integrating with Microsoft Entra Global Secure Access (GSA). This integration enables organizations to intercept and inspect text and AI interactions at the network layer, enforce restrictive actions based on DLP policies, and detect risky user activity through Insider Risk Management. It helps prevent sensitive data from being shared with untrusted cloud applications through browsers, apps, APIs, and add-ins, including generative AI platforms, social media, and collaborative platforms. See Learn about Microsoft Purview Network Data Security.

Insider Risk Management

  • In preview: Unified alert experience combines the Triage Agent and Standard alert dashboards into a single alerts list page. View and manage both classic and agent-triaged alerts from one location, with the ability to preview agent summaries, alert and user details directly on the alerts list page.
  • In preview: Expanded user profile details in the unified alert experience add additional user profile signals from Microsoft Entra, including office location, employee type, department, and last working date.
  • In preview: Expanded note capabilities across alerts and cases. Analysts and investigators can now add and view notes on both alerts and cases. System-generated notes are automatically applied when there's a change in alert or case status, assigned user, closure, or case escalation.

June 2026

Copilot Cowork

Data Loss Prevention

  • New: Access Endpoint DLP device attribute data using Advanced Hunting. Query Endpoint DLP device configuration and policy sync attributes at scale through the DeviceInfo table's DlpInfo column in Advanced hunting in the Microsoft Defender portal, instead of relying on point-in-time exports from the Microsoft Purview portal.

  • New: Create a DLP policy that uses device scoping. Scope an Endpoint DLP policy to specific device groups — for example, enforce policy only when Finance users access data from Windows devices, and not when the same users work from macOS — using dynamic device groups defined in Microsoft Entra ID.

  • In preview: New Email is received from > External users condition for the Microsoft 365 Copilot and Copilot Chat policy location lets DLP policies prevent Copilot from using external email as grounding data, helping reduce prompt injection risk from untrusted senders. See Block external email from being processed (preview).

  • In preview: Enhanced matched conditions for Exchange DLP events surfaces detailed non-sensitive information type (SIT) condition matches in DLP alerts and Activity Explorer for Exchange Online. Each matched condition includes the condition name, matched value, and source.

Data Security Investigations

  • In preview: Endpoint DLP evidence collection is now available as a data source in Data Security Investigations. Investigators can query data captured by endpoint Data Loss Prevention (DLP) policies on onboarded devices and add the associated content to an investigation scope for AI-powered analysis. This integration enables aggregate analysis of endpoint exfiltration events instead of per-alert triage. For more information, see Search, review, and refine results in Data Security Investigations.
  • General availability (GA): Email and portal notifications for Data Security Investigations. Investigators receive notifications through the Microsoft Purview Notification Center and email when setup completes and investigations are ready to use.
  • Updated: Data preparation in Data Security Investigations now runs automatically in the background as items are added to scope. You no longer need to manually initiate vectorization before using AI features.

Device Onboarding

eDiscovery

  • New: A new Convert supported file formats to HTML option is available when adding search results to a review set and when exporting items from a review set in eDiscovery. When enabled, cloud-native file formats such as .loop and .page files are converted to HTML, making the content indexed and keyword searchable in the review set and easier to process in post-export workflows.

Information Protection client

Insider Risk Management

  • General availability (GA): Select which generative AI apps to monitor in Insider Risk Management policy indicators. For Microsoft Copilot experiences and Enterprise AI apps, you can now select or deselect generative AI apps for monitoring, reducing alert noise, and avoiding unnecessary pay-as-you-go billing charges.

Sensitive information types

Sensitivity labels

May 2026

Agent 365

Data Governance

Data Loss Prevention

Data Security Investigations

  • New: OCR support in Data Security Investigations. Image files are automatically processed with optical character recognition (OCR), and the extracted text is merged and vectorized for AI analysis.
  • New: Custom examinations in Data Security Investigations. Define your own examination focus with custom prompts to analyze investigation content beyond the built-in examination areas.
  • Updated: New guidance for working with large audit search results in Data Security Investigations. When audit searches exceed the approximately 3,000-item limit, use the Audit solution to analyze the full result volume, then split searches into smaller time-based slices for ingestion into an investigation.

Data Security Posture Management

  • General availability (GA): The new version of Data Security Posture Management is now generally available. Partner solutions for non-Microsoft data sources remain in preview, as does the Data Security Posture Agent. This current version provides guided workflows for proactive risk management and streamlines data security operations so you can more confidently adopt AI across your digital estate.
  • New: Support for administrative units, to bring parity with the classic versions of DSPM and DSPM for AI.
  • New: To optimize resources, processing is paused for Microsoft 365 data when tenants are inactive for more than 60 days, and automatically resume when you return to the solution. For more information, see Data updates paused for inactive tenants.
  • New: The "Responsible AI FAQ for Data Security Posture Management" is replaced with the more detailed Application card for Data Security Posture Management to better help you understand this solution's AI capabilities, intended uses, limitations, evaluations, safety components, and best practices.
  • New: Support for Anthropic Claude (Enterprise) when you add and configure the Anthropic Claude data connector, now in preview. Claude then displays as another AI application alongside Copilot, Copilot Studio, ChatGPT Enterprise, and other AI apps. Use activity explorer to see individual Claude interactions, such as who used Claude, when they used it, and what kinds of content were involved, just as you do for other AI apps. For more information about Purview support for Claude, see Use Microsoft Purview to manage data security & compliance for Anthropic Claude (Enterprise).

Information protection scanner

  • In preview: Administrators can now enable, disable, and configure cluster-level scanner features from PowerShell.
  • In preview: Custom Reporting populates additional columns and tables in the scanner cluster database so administrators can build their own reports directly against scan results in Power BI or any SQL-based reporting tool, without stitching together per-scan CSV reports.

Reports

  • Preview: Custom posture reports let admins build tailored views of information protection and DLP activity. Assemble metric and chart cards in sections to answer organization-specific questions that complement the built-in posture reports.

Sensitivity labels

  • In preview: Rolling out, manual labeling support for MP4 files in SharePoint and OneDrive. For more information, see Video support (MP4 files.
  • In preview: Rolling out, a new label policy setting for meetings, Apply meeting label to artifacts, automatically applies the meeting's sensitivity label to recordings and their transcripts (.mp4 files), and to meeting notes (.loop files).
  • In preview: You can now see the sync status of your sensitivity label publishing policies on the Label policies page, giving you visibility into when label policy updates are fully synced across Microsoft 365.
  • Updated: The documentation section How to disable sensitivity labels for SharePoint and OneDrive (opt-out) now includes labeling behavior if you disable sensitivity labels for SharePoint and Onedrive after they've been enabled.
  • New: For auto-labeling policies that are turned on and target SharePoint and OneDrive, per-policy review pages let you monitor daily labeling activity, spot-check labeled and failed files, and investigate labeling failures. For more information, see Policy-level labeling activity for SharePoint and OneDrive.

April 2026

Collection Policies

  • Preview: Collection policies support sensitivity labels as a condition for scoping detection to items with specific sensitivity labels applied. This condition is supported with browser and network cloud apps detection.

Data Lifecycle Management

  • New: Newly created Teams call data records (often abbreviated to CDRs, and sometimes also called call detail records or just call records) are no longer included with Teams chat retention policies. Instead, they are included in the new support for Teams call logs retention policies that you create by using PowerShell. These newly supported retention policies let you manage the deletion of calling-related data when this is required for compliance and regulatory requirements. Call data records previously included in Teams chat retention policies continue to be managed by those same policies.

Data Governance

Data Loss Prevention

Data Security Investigations

  • In preview: Proactive AI insights from Data Security Posture Management (DSPM) automatically create and refresh a single investigation for your tenant every 24 hours. The DSPM exfiltration objective card displays risk counts across five fixed categories, giving security teams continuous visibility into recently exfiltrated sensitive data without manual investigation creation.
  • New: A new Data Security Investigation Contributor role automatically provides Data Security Investigations access to members of several Microsoft Purview role groups. Members of the Compliance Administrator and Organization Management role groups have administrative and contributor access, while members of the Data Security Management and Insider Risk Management role groups have contributor access without needing explicit role assignment.

Data Security Posture Management (preview)

Developers

  • Documentation update: Added Scenarios and API overview section. This new section helps developers identify which APIs to use for specific scenarios. For more information, see Scenarios and API overview.

eDiscovery

Insider Risk Management

  • In preview: Preview content while triaging alerts to quickly identify false positives, confirm the presence of sensitive data, and decide whether the alert warrants escalation.

Sensitivity labels

  • General availability (GA): Auto-labeling policies introduce a new flow where you must decide whether to automatically apply a sensitivity label, or remove a label when the configured conditions apply for files in SharePoint and OneDrive. When you chose to automatically apply a sensitivity label, you can now optionally choose to always overriding an existing label that has a lower priority label, even if it was manually applied. This option was previously available for emails only and now extends to files in SharePoint and OneDrive.
  • New: Rolling out, users can now apply sensitivity labels configured for user-defined permissions while using Office for the web. A prerequisite for this functionality is that co-authoring is enabled for the tenant. If this prerequisite isn't in place, users still see the message that they must use a desktop app to apply the label.
  • New: The Label policies page for label publishing policies has a new Export policies option, where the Export to CSV selection acts similarly to Export on the Sensitivity labels page. The Export to Zip selection includes more detailed information about the policies and all sensitivity labels in your tenant. For more information, see Export policy configuration in Microsoft Purview.

Shared capabilities

  • General availability (GA): Export policy configuration as a ZIP file containing a point-in-time snapshot of all policy configurations in XML format for DLP and sensitivity label publishing policies. Use the export for support requests, configuration reference, and local analysis by using PowerShell or Microsoft 365 Copilot.

March 2026

Data Governance

Data Loss Prevention

Data Security Investigations

  • New: Categorization now includes a Standard and Advanced option. Standard categorization can significantly reduce the time it takes to complete processing and the amount of Data Security Investigation Compute Units (compute unit) needed for categorization.
  • In preview: New support for the Data Security Posture Agent in Microsoft Purview. The Data Security Posture agent (preview) in Data Security Investigations helps your organization proactively surface credentials buried in data across your organization at scale.
  • Updated: New guidance for how categorization processes data in Data Security Investigations. Categorization uses relevance scoring to prioritize the most relevant content for each selected category. Updated documentation includes considerations for results, content volume effects, and recommendations for using examination tools for comprehensive analysis.
  • New: Data Security Investigations now supports soft purge for Exchange mailbox items. Soft purge moves items to the recoverable items folder, preserving the ability to restore items based on retention settings. Updated documentation includes guidance for choosing between soft purge and hard purge methods.
  • New: Audit search in Data Security Investigations is now generally available. Use audit search to identify and collect content based on user activities recorded in the Microsoft Purview unified audit log, such as accessing, copying, or downloading files, and pull the associated content into your investigation.
  • Updated: Data Security Investigations searches now respect compliance boundaries configured with search permissions filters. Investigators whose accounts are scoped by a compliance boundary only see search results for content locations within their permitted boundary.
  • New: Personal data examinations in Data Security Investigations identify and extract personally identifiable information from selected data items in an investigation scope. Quickly assess which personal data types were exposed after a data security incident, including names, email addresses, financial account numbers, and Social Security numbers, with severity classification and AI-generated reasoning to support regulatory compliance reporting.

Data Security Posture Management (preview)

Deployment models

eDiscovery

  • In preview: Use the new Advanced review set explorer to query review set data with Kusto Query Language (KQL). Build advanced queries with complex filtering, pattern-based text extraction, and data visualization to analyze and find key information in your review sets.
  • New: Configure sampling options when adding search results to a review set in eDiscovery. Choose confidence-based or percentage-based sampling to add a statistically representative subset of search results instead of all items. Completing the Generate statistics process is required to enable sampling.

Insider Risk Management

Sensitivity labels

February 2026

Data Governance

  • In preview: Microsoft Purview Data Quality supports incremental data quality scans by using time-based filtering. By using incremental scans, you can choose between full scans, incremental scans, or both when you run data quality rules on data assets.

  • In preview: Data quality scans for standalone data assets enable organizations to measure and improve data quality immediately without associating a data asset to a data product, significantly speeding up governance adoption. By running scans on assets, organizations can decide whether to associate a data asset to a data product if the data asset is in poor quality.

  • General availability (GA): Azure SQL Managed Instance support (SQL MI) is now generally available. You can now measure, understand, and improve the quality of your data in your SQL MI. Both public network and private endpoint configurations are supported. To get started, create a connection similar to Azure SQL database with supported port number, and assess the quality of your data using the Microsoft Purview Data Quality scanner.

Developers

  • Microsoft Purview enables software development companies to integrate governance, protection, and compliance capabilities into their applications using SDKs and APIs. A new list of partner integrations is now available, with links to partner documentation. For more information, see Software Developer Partner Integrations.

Insider Risk Management

Sensitivity labels