AI agents are multiplying faster than most organizations can track them.
Users are building automations through low-code and no-code tools in Copilot Studio. Third-party agents are connecting into Microsoft 365 from platforms like ServiceNow, Dropbox, SAP, Monday, and LexisNexis.
IT and security teams are losing visibility into what is running, what data it is accessing, and who owns it. Older agents with known issues stay active because no one has a complete picture of what exists.
Agent 365 is Microsoft's answer to that problem. It is the governance and identity layer built specifically for AI agents, and it is one of the four core components that make up the new Microsoft 365 E7 SKU.
Agent 365 treats AI agents as first-class digital identities, giving each one lifecycle policies, access controls, audit trails, and observability capabilities. This is what allows organizations to move from ad hoc agent experimentation to controlled, scalable agent operations.
Agent 365 was announced at Microsoft Ignite in November 2025. It can be purchased as a standalone license and it is included in the Microsoft 365 E7 suite.
Agent 365 serves as the identity, governance, and security backbone for AI agents deployed across Microsoft 365, Azure, and integrated partner ecosystems. Its capabilities are organized around four functional areas.
Agent 365 maintains a centralized inventory of all agents operating inside the environment, including internally built agents, sanctioned third-party agents, and shadow agents deployed without formal approval.
Administrations get one place to see which agents exist, who owns them, what systems they connect to, and whether any are running outdated versions.
Every agent receives an Entra Agent ID, bringing identity-grade protection to non-human actors in the environment. From there, organizations can enforce least-privilege access and conditional access policies that define exactly what each agent is permitted to do, what data it can reach, and under what conditions it can operate. The result is AI agents that function within governed, identity-bound boundaries rather than open-ended access.
Agent 365 gives teams real-time visibility into agent behavior, including which permissions are being used, which systems are being accessed, what actions are being taken, and what the outcomes are. Detailed audit logs make it possible to track performance, review interactions, and investigate anomalies when they surface.
Agent 365 extends Microsoft Defender, Purview, and Entra into the agent layer, so threat detection, data loss prevention boundaries, audit logs, and compliance controls apply directly to agent activity.
Microsoft Purview's e-discovery capabilities cover agent-generated activity the same way they cover user activity, which matters significantly in litigation or regulatory review scenarios.
Agent 365 is one of four components included in the Microsoft 365 E7 SKU, alongside Microsoft 365 E5, the Microsoft Entra Suite, and Microsoft 365 Copilot. E7 is designed for organizations moving from AI experimentation to enterprise-wide AI operations.
Microsoft Agent 365 provides the governance foundation organizations need as AI agents evolve from small automations into core operational components. Centralized visibility, identity-grade access control, security integration, and auditability are not features reserved for large enterprises. They are the baseline requirements for any organizations running agents at scale.
For those preparing to operationalize AI responsibly, Agent 365 is where that structure starts.
Explore the full series: