IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada
Enterprise soc analysts cloud automation robotic arm diagrams
#
SIEM
#
Digital Transformation
#
Cloud Security

UiPath links with Microsoft to automate security ops

Thu, 19th Mar 2026
Author image
By Catherine Knowles, News Editor

UiPath and Microsoft have launched a security automation capability that links UiPath's automation platform with Microsoft's security products to detect, investigate, and respond to threats across automated business workflows.

The integration connects UiPath with Microsoft Defender for Cloud, Microsoft Sentinel, and Microsoft Security Copilot. It targets organisations running automated business processes that want tighter control over files, signals, and other workflow data that may introduce security risk.

The capability will be available through the UiPath Solutions Marketplace, enabling deployment in environments already using Microsoft's security stack and threat intelligence feeds.

How it works

The process begins with automated scanning of files and signals generated by automated workflows. Microsoft Defender for Cloud scans this material and produces security signals that UiPath can enrich with workflow context.

These signals can then be sent to Microsoft Sentinel, a security information and event management (SIEM) platform, placing workflow-related alerts alongside other security telemetry for investigation.

After events reach Sentinel, analysts can use Microsoft Security Copilot for guided analysis, keeping human decision-making in the loop for investigation and triage.

UiPath automations can also trigger follow-on actions based on security outcomes, such as quarantining files, pausing a workflow, or escalating an incident for review. The aim is to limit operational impact while security teams validate the threat.

Automation teams and security operations centres often run separate tools and processes, even when workflows span the same systems. This integration is designed to bridge that gap by connecting process context to security signals and tying response actions back into workflows.

In effect, business process automation becomes both a potential risk surface and a control point for mitigation. The launch also reflects a broader shift toward automation platforms operating alongside security tools, rather than serving only as productivity layers.

Operational impact

One goal is to reduce time spent on manual investigation. Security teams often need to rebuild context around an alert-such as which process generated it and what data it touched. UiPath and Microsoft position context enrichment as a way to streamline handoffs and improve investigation quality.

They also emphasise faster response. Automated actions, such as quarantining or pausing workflows, could shorten the time between detection and containment-especially for incidents arising in unattended or scheduled automations.

Andrei Oros, Director of IT Automation at UiPath, said the collaboration brings security controls closer to day-to-day operations.

"This collaboration brings security automation closer to where work actually happens," said Oros. "The combination of our automation capabilities with Microsoft Defender, Sentinel, and Security Copilot gives enterprises the ability to embed security controls into operational processes. It's the peace-of-mind they need to adopt automation across their organisation, with the confidence that the data and information driving their most important workflows is compliant and secure, and that it won't interrupt their business."

Microsoft described the integration as an extension of its security platform and governance approach. Ruthy Kaidar, Managing Director Solutions, Software Companies, Microsoft EMEA, highlighted added context and human review within response flows.

"UiPath's integration with Microsoft fuses automation with built-in security and governance -enriching signals with business context, empowering human-in-the-loop decisions, and accelerating detection and response - so enterprises can scale agentic automation with confidence," said Kaidar.

For security operations teams, using Sentinel and Security Copilot places the service within existing workflows for alert triage and case management. Steven Spirou, Senior Product Manager, Microsoft Security, said the integration supports faster response through partner-led extensions.

"Security teams need solutions that move at the speed of modern threats," said Spirou. "UiPath's work with Microsoft Sentinel and Security Copilot demonstrates how partners can extend the platform with automation, richer context, and faster response, bringing real, production-grade value to SOC teams."

Marketplace distribution suggests UiPath is targeting customers that have standardised on Microsoft's security tools and prefer packaged integrations over bespoke engineering. Adoption may depend on how widely organisations implement security-driven controls for automated workflows as business units expand their use of automation and AI-assisted processes.

Related stories
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Dropbox launches three apps inside ChatGPT for work
Cyber insurance now common among North American SMBs

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment