How do you defend against prompt injection today?

Azure's services offer multiple levels of input sanitization/filtering and filtering input is one of the current cornerstones of mitigating injection attacks. If Azure dows it, I imagine all the main players do.