check before: 2025-07-15
Product:
Copilot, Purview, Purview Communication Compliance, Purview compliance portal, Purview Information Protection, Purview Insider Risk Management, Teams
Platform:
Online, Web, World tenant
Status:
Rolling out
Change type:
Admin impact, New feature, Updated message, User impact
Links:
Details:
Summary:
Microsoft Purview will integrate Insider Risk Management (IRM) with Data Security Investigation (DSI) in preview by mid-July 2025, enabling admins to launch AI-powered, in-depth data investigations directly from IRM cases. General availability is expected by late November 2025, streamlining risk assessment and response.
Details:
Updated September 5, 2025: We have updated the timeline. Thank you for your patience.
Coming soon: A new integration between Insider Risk Management (IRM) and Data Security Investigation (DSI) in Microsoft Purview. This enhancement allows data security admins to launch a pre-scoped DSI directly from an IRM case, enabling deeper investigation into risky user behavior and better post-incident impact assessment.
DSI is a new AI-powered solution that enables data security teams to identify incident-related data, conduct deep content analysis, and mitigate risk within one unified solution. DSI enables data security admins to efficiently identify incident-relevant content by searching their Microsoft 365 data estate to locate emails, Teams messages, Copilot prompts and responses, and documents. Once the investigation is scoped, DSI's generative AI capabilities allow admins to gain deeper insights into the impacted data, revealing critical security risks and sensitive information. Investigative capabilities include the ability to categorize evidence, perform vector searches, and examine impacted data for security and sensitive data risks. To mitigate identified risks, DSI facilitates secure collaboration between partner teams. Post-investigation learnings can be used to refine existing policies to strengthen an organization's security practices.
This message is associated with Microsoft 365 Roadmap ID 486827.
[When this will happen:]
Public Preview: We will begin rolling out mid-July 2025 and expect to complete by late July 2025.
General Availability (Worldwide): We will begin rolling out late November 2025 (previously late August) and expect to complete by late December 2025 (previously late September).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2025-06-11
updated:
2025-09-06
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Integration of Insider Risk Management with Data Security Investigation
Without proper preparation, the integration may lead to confusion among data security admins regarding the new processes for launching investigations, potentially delaying incident response times and increasing the risk of data breaches.
- roles: Data Security Admins, Insider Risk Management Investigators
- references: https://learn.microsoft.com/purview/data-security-investigations, https://techcommunity.microsoft.com/blog/microsoft-security-blog/accelerate-data-security-investigations-with-ai-powered-deep-content-analysis/4396099
AI-Powered Investigations
The introduction of AI capabilities without adequate training may result in misuse or misunderstanding of the tools, leading to incomplete investigations and unresolved security risks, negatively impacting user trust and data security.
- roles: Data Security Admins, IT Security Analysts
- references: https://learn.microsoft.com/purview/data-security-investigations-get-started, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=486827
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-09-06 | MC MessageTagNames | New feature, User impact, Admin impact | Updated message, New feature, User impact, Admin impact |
| 2025-09-06 | MC Summary | A new integration between Insider Risk Management (IRM) and Data Security Investigation (DSI) in Microsoft Purview allows data security admins to launch pre-scoped DSI directly from IRM cases. This feature, rolling out in mid-July 2025, enhances investigation capabilities and post-incident assessment. No admin action is required before the rollout. | Microsoft Purview will integrate Insider Risk Management (IRM) with Data Security Investigation (DSI) in preview by mid-July 2025, enabling admins to launch AI-powered, in-depth data investigations directly from IRM cases. General availability is expected by late November 2025, streamlining risk assessment and response. |
| 2025-09-06 | MC Last Updated | 06/11/2025 01:16:54 | 2025-09-05T18:37:06Z |
| 2025-09-06 | MC Messages | Coming soon: A new integration between Insider Risk Management (IRM) and Data Security Investigation (DSI) in Microsoft Purview. This enhancement allows data security admins to launch a pre-scoped DSI directly from an IRM case, enabling deeper investigation into risky user behavior and better post-incident impact assessment.
DSI is a new AI-powered solution that enables data security teams to identify incident-related data, conduct deep content analysis, and mitigate risk within one unified solution. DSI enables data security admins to efficiently identify incident-relevant content by searching their Microsoft 365 data estate to locate emails, Teams messages, Copilot prompts and responses, and documents. Once the investigation is scoped, DSI's generative AI capabilities allow admins to gain deeper insights into the impacted data, revealing critical security risks and sensitive information. Investigative capabilities include the ability to categorize evidence, perform vector searches, and examine impacted data for security and sensitive data risks. To mitigate identified risks, DSI facilitates secure collaboration between partner teams. Post-investigation learnings can be used to refine existing policies to strengthen an organization's security practices. This message is associated with Microsoft 365 Roadmap ID 486827. [When this will happen:] Public Preview: We will begin rolling out mid-July 2025 and expect to complete by late July 2025. General Availability (Worldwide): We will begin rolling out late August 2025 and expect to complete by late September 2025. | Updated September 5, 2025: We have updated the timeline. Thank you for your patience.
Coming soon: A new integration between Insider Risk Management (IRM) and Data Security Investigation (DSI) in Microsoft Purview. This enhancement allows data security admins to launch a pre-scoped DSI directly from an IRM case, enabling deeper investigation into risky user behavior and better post-incident impact assessment. DSI is a new AI-powered solution that enables data security teams to identify incident-related data, conduct deep content analysis, and mitigate risk within one unified solution. DSI enables data security admins to efficiently identify incident-relevant content by searching their Microsoft 365 data estate to locate emails, Teams messages, Copilot prompts and responses, and documents. Once the investigation is scoped, DSI's generative AI capabilities allow admins to gain deeper insights into the impacted data, revealing critical security risks and sensitive information. Investigative capabilities include the ability to categorize evidence, perform vector searches, and examine impacted data for security and sensitive data risks. To mitigate identified risks, DSI facilitates secure collaboration between partner teams. Post-investigation learnings can be used to refine existing policies to strengthen an organization's security practices. This message is associated with Microsoft 365 Roadmap ID 486827. [When this will happen:] Public Preview: We will begin rolling out mid-July 2025 and expect to complete by late July 2025. General Availability (Worldwide): We will begin rolling out late November 2025 (previously late August) and expect to complete by late December 2025 (previously late September). |
| 2025-09-06 | MC Title | Microsoft Purview compliance portal | Insider Risk Management: Data Security Investigation integration (preview) | Update: Microsoft Purview compliance portal | Insider Risk Management: Data Security Investigation integration (preview) |
| 2025-09-06 | MC End Time | 01/02/2026 09:00:00 | 2026-02-09T09:00:00Z |
Last updated 1 week ago ago
