Microsoft said on the 7th that it officially launched Microsoft Agent 365, an integrated control platform that supports stronger security and governance for AI agents.
As AI agents spread across apps, endpoints, and the cloud, the need to manage "shadow AI" that falls outside security teams' visibility and control has grown. Microsoft said that in the process of agents autonomously calling tools or interacting with other agents, excessive data sharing, tool misuse, and privilege abuse can occur.
Agent 365 observes, manages, and protects agents within an organization from a single control platform. It can manage delegated agents that operate on behalf of users and agents that run in the background with their own permissions, and it also detects unmanaged agents in local and cloud environments through Microsoft Defender and Intune. Starting with OpenCola running on Windows devices, it plans to expand detection targets to GitHub Copilot CLI, Claude Code, and more.
Microsoft visualized the relationships among agent execution locations, connected ID, MCP servers, and accessible cloud resources so security teams can assess risk levels. When abnormal behavior such as attempts to access or leak sensitive data is detected, Defender blocks the agent and sends an alert. Related asset mapping, policy-based controls, and runtime blocking features are slated to be available as a public preview in June.
Multi-Cloud support is also being strengthened. Agent 365 supports synchronization with AWS Bedrock and the agent registry of Google Cloud to automatically identify agents scattered across multiple platforms and help with lifecycle management. Windows 365 for Agent, a cloud PC environment dedicated to agents, will also be offered as a public preview.
Agent 365 is offered to commercial customers on a per-user basis and is included in Microsoft 365 E7 or available as a standalone license for $15 per user per month.