en.Wedoany.com Reported - At the Build 2026 conference, Microsoft announced the general availability of the Agent 365 SDK, embedding identity, policy, and data controls that take effect when building agents, rather than intervening only after problems arise in production environments. This initiative aims to address critical control issues in enterprise AI deployment. For two years, the core discussion in the AI field has centered on raw capabilities, with vendors competing on benchmarks and context windows. Now, Microsoft is signaling to its largest customers that capabilities are merely the entry ticket, and the key factor between pilot and deployment is control.

The Agent 365 SDK allows developers to integrate observability, access control, and compliance enforcement into the agent design process, enabling agents built this way to run on any AI platform. The accompanying Agent 365 Agent Registry, combined with Microsoft Defender, Entra, and Intune, discovers unmanaged local agents within an organization, identifying over 20 types of local agents, including coding agents and Model Context Protocol servers. On the code front, the integration of Microsoft Defender with GitHub code security is now generally available, enriching discovered vulnerability information with production signals such as internet exposure and data sensitivity, and generating AI-powered fixes via GitHub Copilot for developer validation. Behind this is Microsoft's research, dubbed MDASH, an agent scanning system that coordinates over 100 specialized agents, achieving a score of 96.55% on the CyberGym benchmark, an improvement of approximately 10 percentage points over three weeks. The Microsoft Execution Container SDK provides Windows operating system-level controls, limiting the scope of agent operations. Windows 365 for Agents is now generally available, running agents within isolated, policy-controlled cloud PCs. Microsoft Purview has added runtime data loss prevention for agent prompts, capturing sensitive data before it reaches the model.

Microsoft is not the first to propose this concept. At the Google Cloud Next conference, Google built the Gemini Enterprise Agent Platform governance stack around agent identity, agent gateways, and agent registries, assigning each agent a unique cryptographic identity independent of any human user. AWS uses the Bedrock AgentCore framework to rapidly push agents into production environments while providing identity and tool management. The three companies are collectively building a control plane for agents, similar to what Kubernetes does for containers. Specialized vendors like Saviynt, Silverfort, and TrueFoundry sell governance layers to companies seeking independence from a single cloud provider's governance layer. Microsoft's advantage lies in the fact that Entra, Intune, Defender, and Purview are already running in most large enterprises, with agent governance existing as an extension of security teams' existing tools rather than a new platform.

Buyers should note how many features announced at Build are in preview rather than generally available. The integration of Defender and GitHub, as well as Windows 365 for Agents, are generally available, but MDASH, Purview runtime controls, and several Defender features remain in limited or upcoming status. Microsoft's controls are most powerful when agents run within Windows, Entra, and Microsoft Foundry, but most enterprises also run agents across AWS, Google Cloud, and a wide range of SaaS tools. Organizations adopting Agent 365 as their control plane gain visibility within Microsoft's boundaries while inheriting a deeper dependency on that boundary. Every policy checkpoint, isolation layer, and data inspection protects the business but also slows down developers.

For technology leaders, spending originally allocated for model access and experimentation now requires dedicated budgets for governance and identity layers to transition experiments into approved deployments. This layer is becoming as important as model selection itself. Treating non-human identities as a first-class concern is no longer optional when agents can autonomously read data and trigger actions. Avoid lock-in until coverage issues are resolved. Microsoft's stack is attractive to organizations primarily using Windows and Microsoft 365, but the multi-cloud environment most enterprises operate in suggests that the governance layer should remain at least partially portable, achievable through standards like neutral gateways or the Model Context Protocol supported by major platforms.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com