Select an ecosystem associate for agent safety and governance
AI brokers aren’t coming—they’re already in your surroundings. They present up in locations you count on (like Microsoft Copilot, Microsoft Groups, and Microsoft 365) and much more locations as know-how evolves (a neighborhood autonomous private AI assistant or a brand new software program as a service (SaaS) agent related to your delicate knowledge.)
The downside isn’t that brokers exist. It’s that they proliferate quick, span apps, endpoints and cloud, and sometimes function exterior the visibility and management of the groups accountable for danger. When an agent can invoke instruments, entry knowledge, and work together with different brokers, any “useful” workflow can flip into knowledge oversharing, device misuse, or over-privileged actions in seconds. And as brokers turn out to be even simpler to create and deploy, your assault floor grows with them.
That’s why end-to-end observability issues: you possibly can’t govern what you possibly can’t see, and you may’t safe what you don’t perceive—particularly when the variety of brokers is a transferring goal.
Microsoft Agent 365 helps you take management of agent sprawl as your management aircraft to observe, govern, and safe brokers and their interactions—together with brokers constructed with Microsoft AI and brokers from our ecosystem companions—utilizing the admin and safety workflows your groups already run.
Normal availability begins right this moment for Agent 365.
Moreover, we’re asserting the previews of new Agent 365 capabilities and integrations that can assist you scale agent adoption with the suitable controls in place.
- Observability, governance, and safety for brokers working independently—Agent 365 is increasing to cowl brokers that function with their very own credentials and permissions.
- Discovery of brokers and shadow AI, utilizing capabilities of Microsoft Defender and Microsoft Intune for each native and cloud brokers.
- A secured, managed surroundings for brokers to work in Home windows 365 for Brokers.
- Protection for a large ecosystem of SaaS brokers, together with brokers innovated by software program growth firms (SDCs).
- Assist for analysis, adoption, and utilization from Microsoft and ecosystem companions worldwide.
Handle brokers with a single management aircraft, no matter how or the place they work
As organizations transfer from pilot to adoption, AI brokers are being deployed throughout more and more numerous use circumstances. Some act with delegated entry, engaged on behalf of customers; others function with their very own credentials and permissions, collaborating in crew workflows or working behind the scenes.
With Agent 365, you can observe, govern, and safe AI brokers whether or not they act on behalf of customers with delegated entry—for instance, an agent that helps workers manage their inbox—or brokers that function with their very own entry and scope of labor—resembling an agent autonomously triaging assist tickets.
| Supported by Agent 365 | ||
|---|---|---|
| Brokers engaged on behalf of customers (delegated entry) Typically out there |
Brokers working behind the scenes (personal entry) Typically out there |
Brokers collaborating in crew workflows (personal entry) Public Preview |
Uncover and handle native and cloud-hosted brokers
Customers are putting in brokers like OpenClaw and Claude Code on their units and adopting SaaS brokers constructed by builders on new and rising platforms. Many of those native and cloud-hosted brokers run unmanaged and out of doors of conventional governance, as they autonomously execute duties, modify code, or entry confidential info, creating a brand new wave of shadow AI.
To assist organizations deal with accelerating agent sprawl and the rise of unmanaged brokers, we’re introducing new capabilities as a part of Agent 365, Microsoft Defender, and Intune so you possibly can uncover shadow brokers, and apply acceptable controls, resembling blocking unmanaged brokers.
Uncover and handle native brokers
With Microsoft Defender and Intune, organizations will be capable to uncover and handle native AI brokers operating on Home windows units, beginning with OpenClaw brokers and increasing quickly to different broadly used brokers like GitHub Copilot CLI and Claude Code. Clients enrolled within the Frontier program can see if OpenClaw brokers are getting used within the group, which units they’re operating on, and use Intune insurance policies to dam frequent ways in which OpenClaw runs on the brand new Shadow AI web page in Agent 365 within the Microsoft 365 admin middle and within the Intune admin middle. Via Agent 365 registry, the stock of native brokers can be out there in Defender and Intune so IT, endpoint administration, and safety groups can get a constant view of found native brokers of their surroundings and take acceptable motion.
Beginning in June 2026, Microsoft Defender may even present asset context mapping for every agent together with the units they run on, MCP servers configured for these brokers, the identities related to them, and the cloud assets these identities can attain. This can give safety groups the context wanted to evaluate publicity and potential blast radius. They can then examine agent exercise, resembling file entry and community habits, utilizing acquainted endpoint knowledge, and use these insights to determine misconfigurations and even outline customized detections.
Past monitoring, organizations will be capable to apply policy-based controls to set guardrails for what brokers are allowed to do—serving to defend each brokers and organizations from compromise and misuse—with preliminary assist delivered for OpenClaw by means of Intune. If a managed agent reveals malicious habits patterns, resembling trying to entry or exfiltrate delicate knowledge, Defender can be in a position to block coding brokers in runtime and generate alerts with wealthy incident context to assist investigation and response.
Context mapping capabilities, policy-based controls, plus runtime blocking and alerts can be out there in Agent 365 by means of Intune and Defender public preview in June 2026.
Visibility throughout clouds and AI-builder platforms
As builders are quickly constructing brokers with Microsoft Foundry, AWS Bedrock, and Google Gemini Enterprise Agent Platform (previously Google Vertex AI) and deploying cloud brokers throughout multicloud and multi-platform environments, the agent sprawl problem intensifies. To handle potential safety dangers or vulnerabilities earlier than they turn out to be breaches, safety and IT groups want visibility to which cloud brokers are operating, what fashions these brokers are constructed on, and what assets they’re accessing.
Right this moment, we’re excited to announce the general public preview of Agent 365 registry sync with AWS Bedrock and Google Cloud connections, enabling IT groups to mechanically uncover, stock, and, quickly, carry out primary lifecycle governance—for instance, begin, cease, delete brokers—throughout these platforms.
Handle a large ecosystem of SaaS brokers
Agent 365 works with prebuilt brokers in Microsoft 365 Copilot and Groups, brokers constructed with Microsoft Copilot Studio or Microsoft Foundry on your group, and brokers constructed by software program growth firms partnered with Microsoft.
Delivering on our promise of management aircraft for the broad agent ecosystem, we’re excited to announce ecosystem associate brokers absolutely configured to be managed by Agent 365, together with Genspark, Zensai, Egnyte, and Zendesk, and brokers constructed on agent factories, together with Kasisto, Kore, and n8n. Organizations can observe, govern, and safe these brokers in the Agent 365 management aircraft, with no integration work by IT or safety groups.
Agent 365 software program growth firm launch companions
Enterprises can simply construct AI brokers right this moment, however scaling them with belief and governance is the place most initiatives stall. With Kore.ai deeply built-in into Microsoft Agent 365, id, safety, and governance are inbuilt from the beginning—empowering enterprises to maneuver from pilots to AI at scale with confidence.
—– Raj Koneru, Chief Govt Officer of Kore.ai
The Agent 365 developer and ecosystem companions play a essential function in extending brokers into line-of-business methods, constructing vertical and scenario-specific integrations, modernizing legacy automation into agent workflows, extending Copilot experiences with customized brokers, and serving to prospects operationalize agent ecosystems at scale. These Agent 365 enabled brokers are then observable, governable, and securable within the Agent 365 management aircraft, accelerating adoption on your group.
Safe brokers as they work in Home windows 365
Whereas Agent 365 gives the management aircraft to look at, govern, and safe agent exercise throughout the enterprise, Home windows 365 for Brokers—now out there in public preview (in the USA solely)—gives a secured, managed surroundings the place brokers can perform that work. It introduces a brand new class of Cloud PCs purpose-built for agentic workloads and managed in Intune, permitting brokers to run in policy-controlled environments, work together with functions, and function with the identical id, safety, and administration controls already used for workers.
Now, with Agent 365, it’s also possible to observe and safe brokers operating on Home windows 365 for Brokers in Microsoft 365 admin middle, understanding which brokers are related to the cloud-powered compute. Collectively, they allow organizations to maneuver from visibility and governance of brokers to confidently operating them in manufacturing environments.
Safe brokers in opposition to web threats with community controls
AI brokers can function a lot sooner than human customers. With out correct guardrails, they will hook up with dangerous net locations, work together with unsanctioned AI providers, deal with delicate information unsafely, or be manipulated by means of malicious prompt-based assaults. These dangers are tougher to handle when safety groups lack constant visibility and controls for agent site visitors to web, SaaS, and AI providers.
To give safety groups a constant solution to examine agent site visitors on the community layer, on the whole availability right this moment, Agent 365 extends Microsoft Entra community controls to Microsoft Copilot Studio brokers and brokers operating on person endpoint units, together with native brokers resembling OpenClaw. These controls will help determine unsanctioned AI utilization, prohibit connections to solely authorised net locations, filter dangerous file motion, and assist block malicious prompt-based assaults earlier than they result in dangerous actions.
Confidently scale and govern AI brokers whereas sustaining safety and management
Agent 365 extends even additional past Microsoft platforms to uncover, observe, govern, and safe native, SaaS, and cloud brokers throughout your agentic AI ecosystem. Every of right this moment’s bulletins construct upon Agent 365 capabilities we shared in March 2026 in addition to detailed suggestions of consumers utilizing the Frontier program, builders integrating with the platform, and companions testing Agent 365 capabilities.
With Agent 365, we are able to scale and govern AI brokers with confidence, whereas sustaining enterprise grade safety and management. Agent 365 allows organizations to maneuver past experimentation, driving tangible enterprise worth and innovation by means of trusted AI adoption. By offering a strong and built-in platform, Agent 365 empowers groups to confidently embrace AI and speed up transformation throughout the enterprise.
—Yuji Shono, Head of the International AI Workplace, NTT DATA Group Company, a world infrastructure, networking, and IT providers supplier.
As organizations start to undertake Agent 365 at scale, we’ve collaborated with strategic companions to create focused providers to assist prospects onboard, sort out governance challenges and notice the platform’s full worth.
Associate providers provided right this moment embody experience and steering for:
- Stock and possession: What brokers exist, who owns them, and the place they run.
- Least privilege: Proper-sizing permissions and imposing entry guardrails with out slowing supply.
- Compliance and knowledge safety: Stopping oversharing and producing audit-ready proof.
- Threats and multi-platform estates: Understanding assault paths and governing throughout distributors and clouds.
- Ongoing operations: Lifecycle administration, monitoring, and steady governance hygiene.
These precious providers are sometimes scoped as workshops and assessments (diagnose and roadmap), governance and enablement (get up the management aircraft and guardrails), managed providers (run and enhance constantly), advisory and readiness (working mannequin and adoption readiness), and safety and integration (harden posture and combine third-party brokers.)
Tips on how to get began with Agent 365
Agent 365 is now out there in Microsoft 365 E7 or standalone at USD15 per person per thirty days. Every Agent 365 license covers an particular person who manages or sponsors brokers, or makes use of brokers to do work on their behalf, making certain all agent exercise is constantly ruled throughout the group in a method that’s predictable for scaled progress.
Along with the experience of your Microsoft 365 crew and companions, Agent 365 assets to assist your expertise embody:
Plus, on Tuesday, Could 12, 2026, a crew of Agent 365 consultants are internet hosting a reside “Ask Microsoft Something” to reply your questions on Agent 365—we hope you’ll be a part of for the dialogue.
Select an ecosystem associate for agent safety and governance
