Today, we introduced the next step in bringing frontier transformation to life for customers in every industry with Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E: the Frontier Suite.
As more customers use agentic AI, CIOs, CISOs, and security teams have important questions. How can I track and monitor these agents? How do I know what they are doing? Do they have the right access? Can they leak sensitive data? Are they safe from cyber threats? How do I manage those threats?
These new solutions mark a significant advancement in providing clarity and security for organizations adopting AI with Agent 365 and Microsoft 365 E7, the Frontier suite available starting May 1, 2026. We address these questions to give our organizations the confidence to use AI more fully.
Agent 365: The Control Center for Agents
As organizations use more agentic AI, gaps in visibility and security can make it easier for agents to act against company interests. Without a control center, teams cannot see which agents exist, their behavior, access, or risks. Microsoft Agent 365 gives you a unified control center, so IT, security, and business teams can observe, manage, and secure agents across your organization whether built on Microsoft AI platforms or from partners using new Microsoft security features that integrate into your workflows.
Here’s how this works in real situations.
Now that Agent 365 is running in production, Avanade can clearly see agent activity, manage agent activity growth, control resource use, and treat agents as identity-aware digital entities in Microsoft Intra. This greatly reduces operational and security risks, represents a major step toward overseeing agents at scale, and demonstrates Microsoft’s commitment to responsible production-ready AI. Aaron Reich, Chief Technology and Information Officer, Avanade.
Key Features Of Agent 365 Include:
Visibility For Every Role.
With Agent 365, IT, security, and business teams can view all managed agents, understand their usage, and act quickly on relevant performance, behavior, and risk signals within their current workflows.
- The agent registry lists all agents (AI systems that perform your tasks) in your organization, including those built with Microsoft AI Power Partners and those added via APIs (software interfaces that allow product programs to interact).IT teams can access this list in the Microsoft 365 admin center. Security teams can see the same list in their Microsoft Defender, and Purview works.
- Agent behavior and performance tracking provide reports on agent performance, usage of metrics, maps, and activity.
- Agent risk signals in Microsoft Defender, Intra, and Purview help security teams assess agent risk as they do for users by detecting issues such as compromise, sign-in problems, or risky data use. Defender checks for compromise, Intra for identity risk, and Purview for insider risk. IT teams can view these risks in the Microsoft 365 admin center.
- Security policy teams in Intra help IT and security set and enforce organization-wide policies for new agents in the admin center.
* These features are in public preview (available for testing for all users but not final) and will remain so on May 1.
Secure And Manage Agent Access
Managed agents can pose serious risks, including unauthorized access to resources, excessive privileges, or misuse by malicious actors. With Microsoft Intra features in Agent 365, you can secure agent identities and control their access to resources.
- Agent ID gives each agent a unique Microsoft Intra identity tailored to its needs. This enables organizations to set trusted, scalable access policies, close unmanaged identity gaps, and align agent access with existing controls.
- Identity protection and conditions for agents expand current user policies to agents. These policies make real-time access decisions based on risk, device compliance with Microsoft Intune (a device management tool), and custom security settings for agents working for a user. They help prevent compromise and make sure agents cannot be misused by bad actors.
- Identity governance for agents lets identity leaders limit agent access to only the sources they need. Access packages can be set to match a subset of user permissions, and leaders can audit which access has been granted to agents.
Prevent Data Oversharing And Ensure Agent Compliance
Agent 365, powered by Microsoft Purview, provides strong data security and compliance for agents. It helps prevent agents from retrieving sensitive data, stops insider data leaks, and supports responsible data administration to meet global regulations.
- Data security and posture management provide admins with clear visibility into data risks for agents, enabling them to resolve issues before they become trouble. Problems
- Information protection enforces MACMA 365 data sensitivity labels to prevent sensitive data leaks for agents.
- Inline data loss prevention (DLP) for Microsoft Copilot Studio Agents blocks sensitive information such as personal details, credit card numbers, and custom data types from being processed at runtime.
- Insider risk management now covers agents blocking and flagging risky agent interactions with sensitive data for security admins.
- Data lifecycle management lets you set rules for keeping or deleting prompts and agent-generated data, helping you manage risk and liability.
- Audit and e-discovery now include agents enabling organizations to audit, investigate, and manage agent activity as they do for users and apps.
- Communication compliance now extends to two-agent interactions, enabling human monitoring of risky AI communications. This gives businesses and business leaders the ability to apply their code of conduct and compliance policy to AI as well, in advance of emerging cyber threats. Agent 365 includes Microsoft Defender protections purpose-built to detect and counter AI-specific vulnerabilities and threats such as prompt manipulation, model tampering, and agent-based attack chains.
- Security posture management for Microsoft Foundry and Copilot Studio agents identifies misconfigurations and vulnerabilities, so security twins can fix them before attackers exploit them.
- Detection in investigation and response for Foundry and Co-pilot agents helps teams investigate and fix attacks on agents, ensuring agents are included in security reviews, threat protection, and investigations and hunts using Agent 365. Tools Gateway helps organizations detect, block, and investigate malicious agent activities.
Agent 365 will be available starting May 1, 2026, at $15 each per user per month. Learn more about Agent 365
Microsoft 365 E7: the Frontier Suite
Microsoft 365 E7 combines intelligence and trust to help organizations speed up frontier transformation. It provides human employees with AI tools for email, documents, meetings, spreadsheets, and business apps, and gives IT and security leaders the oversight and control needed for enterprise AI, including both users and AI agents.
Microsoft 365 E7, Controllers Copilot, Agent365, Intra Suite, and E5 with Advanced Defender, Intra Intune, and Purview security features. It protects both users (humans) and AI agents. You can buy it starting May 1, 2026, for $99 per user each month. Learn more about Microsoft 365 E7.
End-to-End Security for the Agentic Era
Frontier transformation relies on agents and trust, which begins with security. Microsoft Security protects 1.6 million customers at AI speed and scale with Agent 365. These enterprise-grade tools now help organizations monitor, secure, and manage AI agents, offering full protection for both AI agents and human users with Microsoft 365 E7.
Start your frontier transformation now with Agent 365 and Microsoft 365 E7: the frontier suite. Join us at the RSAC Conference 2026 to learn more about these solutions and hear from experts and customers who are molding the future of Asian Security.
To learn more about agent security, visit our website, bookmark our security blog for expert updates, and follow us on LinkedIn (Microsoft Security) and X(@MSFTSecurity) for the latest cybersecurity news.
