
Agent 365 – the Microsoft AI control plane – is being updated with features that extend a range of governance and security controls to agents running on individual devices and expand the ability to govern agents programmatically.
Agent 365 – introduced last November as the enterprise platform to govern AI agent estates – continues advancing to encompass the full spectrum of agents with new controls for agents running locally on end-user devices.
The latest features include local agents’ inclusion in the Agent 365 registry, giving IT and security teams a unified view of agents including shadow agents detected within the corporate estate. The registry provides visibility into each agent’s publisher, device count, and date it was last scanned.
Admins can view a per-agent details pane listing every endpoint where the agent has been observed. This will give a view into their footprint and accelerate investigations into shadow AI agents.
Agent 365 is extending Purview data governance audits with coverage for popular coding agents including GitHub Copilot Command Line Interface (CLI), Claude Code, OpenAI Codex, and OpenClaw. Broadened coverage enables organizations to audit activity consistently, close visibility gaps as agent use becomes more distributed, and make it easier to investigate incidents and meet compliance requirements.
Microsoft Defender, which provides security posture management within Agent 365, is being enhanced to analyze risk exposure for local agents so security teams can identify and prioritize local agents that represent the highest risk. Defender can audit or block malicious instructions introduced through prompt injection attempts; it generates Microsoft Defender XDR alerts when attacks are detected. Defender’s on-device runtime protections support Claude Code, GitHub Copilot CLI, GitHub Copilot apps, Codex CLI, and OpenClaw.
Another new feature is Microsoft Execution Containers (MXC), which enforce a secure, isolated runtime for local agents to bring them under centralized control. With MCX, IT can require local agents to run within a hardened Windows container, reducing exposure from unmanaged execution while standardizing security protections across an agent fleet.
Programmatic Controls
Agent 365 continues to expand its Microsoft Graph API functionality, which enables scalable, automated management of AI agents. Here are details on two APIs for governance and control:
- List packages lets an admin retrieve a full inventory agents in the organization for governance and reporting
- Get package details enables access to metadata for a specific agent, including configuration, ownership, and deployment details
Additional API-driven enhancements include expanded role-based access for read-only visibility into these two APIs without requiring additional admin privileges, as well as application permissions support so customers can call these APIs using app-only permissions in unattended automation scenarios.
One final enhancement: Microsoft Entra ID for identify governance has been extended to agents built by ecosystem partners that are integrated through the Agent 365 software development kit for consistent management spanning internally developed and third-party agents.
More Agent 365 Insights:
- Microsoft Blog on Agent 365 Updates
- Microsoft AI Stack Including Agent 365 Gains Enterprise Maturity
- Microsoft’s James Oleinik on Managing the Agentic Workplace With Agent 365
- Agent 365: The Platform That Keeps CIOs in Charge as Agents Proliferate
For a 36-Hour Immersion into the FY27 Priorities that define Partner Success in the AI Era, join us at the AI Business Solutions Partner Executive Summit, running July 29-30, 2026, in Renton, WA. Register today.




