Microsoft has transitioned its management platform for AI agents, Agent 365, from preview to general availability. This move underscores the company’s recognition that the governance issues surrounding autonomous AI are now pressing and operational.
Overview of Agent 365
First introduced at Microsoft’s Ignite conference in November, Agent 365 serves as a unified control plane that enables enterprise IT and security teams to monitor, govern, and secure AI agents across various environments. These include Microsoft’s ecosystem, third-party cloud platforms like AWS Bedrock and Google Cloud, and local employee devices. The platform aims to address the emerging risks associated with what Microsoft terms shadow AI, where employees deploy AI tools without IT oversight.
Emerging Security Risks
According to David Weston, Corporate Vice President of AI Security at Microsoft, enterprises are grappling with how to effectively manage these autonomous agents. He noted that many organizations are caught between a laissez-faire approach and stringent restrictions, leading to potential security crises. Microsoft has identified three primary categories of security incidents linked to AI agents:
1. **Unauthorized Connections**: Developers inadvertently exposing sensitive backend systems by connecting AI agents improperly.
2. **Cross-Prompt Injection**: Attackers embedding malicious instructions in data sources that agents ingest, leading to unauthorized actions.
3. **Data Leakage**: Agents accessing sensitive data through systems not designed to recognize agent behaviors, resulting in significant risks.
Agent 365 Features and Pricing
Agent 365 operates as a centralized registry and policy engine, offering IT administrators visibility into all agents in their environment. The platform categorizes agents based on their operational status, with a pricing model set at $15 per user per month. This model allows organizations to scale their governance efforts based on user interaction rather than the number of agents.
Local AI Agent Discovery and Management
A key feature of Agent 365 is its capability to discover and manage local AI agents installed on employee devices. Starting with the OpenClaw agent, organizations can utilize Microsoft Defender and Intune to detect unauthorized AI tools. Microsoft plans to expand this discovery feature to include 18 different agent types by June 2026.
Additionally, Microsoft Defender will introduce asset context mapping, allowing security teams to assess the potential impact of compromised agents. This feature aims to enhance the understanding of how different assets are interconnected, providing critical insights for risk management.
Cross-Platform Governance and Future Directions
In a strategic move, Microsoft is extending Agent 365’s governance capabilities to rival cloud platforms, enabling IT teams to manage agents across AWS and Google Cloud. This cross-cloud functionality is designed to meet the needs of enterprises operating in multi-cloud environments.
Moreover, Microsoft is launching Windows 365 for Agents, a new class of Cloud PCs tailored for AI workloads, allowing organizations to isolate these processes from employee endpoints while maintaining security controls.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
