AI agents should not have risky HTTP configurations
Why This Matter
Misconfigured HTTP requests in Copilot Studio agents can expose your organization to data interception and man-in-the-middle attacks. Agents connecting to non-standard ports or using plain HTTP instead of HTTPS transmit sensitive data in cleartext, bypassing standard security controls. As AI agents increasingly handle business-critical data, ensuring all HTTP traffic uses encrypted HTTPS connections on standard ports is essential to prevent data leakage.
What Aether365 Checks
Aether365 scans all Copilot Studio agents in your Microsoft 365 tenant for HTTP actions that connect to non-standard ports or use plain HTTP instead of HTTPS. This check appears in the Aether365 dashboard under your microsoft-365 checks and flags any agent topics with risky HTTP configurations.