Microsoft debuts Agent 365 to manage the AI agent flood
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Eniola Odetunde/Axios
Microsoft is rolling out a new system that gives security leaders a way to track all the autonomous AI agents roaming on their systems and the data they're tapping.
Why it matters: The new tool provides a way for security teams to keep an eye on agents — including employees' unsanctioned creations — as concerns mount about agents going rogue.
Driving the news: Microsoft unveiled Agent 365, a dashboard that can track AI agents on a corporate network all in one spot, at its Ignite conference in San Francisco on Tuesday.
- Agent 365 will be available within the Microsoft 365 admin center, the same place IT teams already manage users, apps and devices.
- Agent 365 uses existing Microsoft products, including Defender, Purview and Entra, to detect threats like prompt injection, prevent oversharing of sensitive data, and enforce zero-trust principles for agents.
The big picture: As companies and their employees start to embed AI agents into their workflows, security teams have to contend with serious issues around what data these agents can see and how much autonomy they have to both control and act on this information.
- There have already been incidents of agents deleting live production systems and destroying user files while trying to reorganize them.
- Developers and other employees are also bringing their own unsanctioned AI tools into the mix, creating additional headaches for security leaders trying to gain visibility into the scope and scale of these autonomous actors.
- "Many of the threats that we've seen in the past for people — like social engineering or data exfiltration — all of those same threats still exist for agents," Charles Lamanna, president of business apps and agents at Microsoft, told Axios. "But agents are the most gullible entity that you'll ever meet."
Between the lines: In the emerging autonomous world, some AI agents could get their own individual identities, including login credentials. Others could just be linked to existing employees' accounts.
- This hybrid setup has created a slew of new questions for how security leaders can best monitor agents' activity, Vasu Jakkal, corporate vice president of Microsoft Security, told Axios.
- "All of this is happening against a background of a pretty sophisticated threat landscape," Jakkal said. "The question is: Is AI going to be our greatest ally, or is it going to be our greatest threat?"
How it works: Agent 365 will allow administrators to see how many agents are roaming their systems, how many human employees are using these agents, and what permissions they each have.
- The portal includes details about the number of agents that are live on corporate systems, how many were created just that week, and how many users are running those agents.
- Admins can identify which agents are accessing which resources, flag agents with excessive permissions, and revoke risky access — all within a unified dashboard.
- The dashboard also flags risky agents, including those accessing unfamiliar data sources or showing suspicious behavior patterns.
The intrigue: Agent 365 is not limited to Microsoft-built agents. It will also support agents from partners like Anthropic, SAP, OpenAI, Workday and others.
What's next: Agent 365 rolls out today. Some features are available immediately to all customers, while others require enrollment in Microsoft's Frontier beta program.
