Free Whitepaper
What Governing AI Agents at Scale Actually Takes
Six Microsoft MVPs. One question: is your organization ready to govern the agents already running in your tenant?
Agent 365 is here. It is Microsoft’s control plane for AI agent governance, the infrastructure layer that lets organizations register, manage, secure, and monitor AI agents at scale across Microsoft 365.
This whitepaper brings together some of the most respected voices in the Microsoft community to tell you what it does, what it doesn’t, and what you need to do before the first incident.
Read the whitepaper to find an Easter egg in the form of a free Agent Registry tool!
The Governance Gap Is Already Open
Agent 365 gives organizations the infrastructure to close that gap: a central Agent Registry, Microsoft Entra Agent ID for identity management, Purview integration for data protection, and Conditional Access policies that treat AI agents with the same rigor as human users.
But infrastructure is not a strategy. A registry tells you what exists. Governance tells you who is accountable, what agents can touch, and what happens when something goes wrong. These are not the same thing, and confusing them is exactly where most organizations run into trouble.
Written by 6 Microsoft MVPs
What You’ll Find Inside
This is not a product brochure. It is six practitioners sharing unfiltered views on what enterprise AI agent governance actually requires, and an overview of Agent 365.
Inside this whitepaper:
- The agent sprawl problem: why it’s already in your tenant, and what to do about it before it compounds
- Agent 365 capabilities wishlist: what the MVPs would like to see in Agent 365
- Pricing and ROI, honestly: is $15/user/month worth it? The contributors do not all agree, and the disagreement is useful
- Sensitivity labels and data protection for agents: how to apply your existing Purview investments to the agent layer, and where the model breaks down
- Identity and access management for AI agents: why Entra Agent ID treats agents like digital employees, and what that means for your security posture
- Agent registries reporting different numbers: which count to trust, and why the discrepancy is a governance gap, not a data error
- The data layer underneath: why agents grounded in weak data don’t scale intelligence; they scale mistakes
- Ownership as the governance essentials: why every agent needs a named human accountable for it, and what to do about orphaned agents right now
- What Agent 365 doesn’t govern: and why the Microsoft 365 environment agents live in matters just as much as the agents themselves
- Access to a FREE AGENT REGISTRY TOOL
Get your free Dawn of the Agent 365 whitepaper
Authors: Gokan Ozcifci, Vlad Catrinescu, Frane Borozan, Isabelle Van Campenhoudt, Mike Maadarani, and Antonio Maio.
Introduction by Iva Erceg.
Five Things Every IT Leader Needs to Understand About AI Agent Governance
1. Knowing what you have is not the same as governing it. Visibility is the starting point, not the destination. A registry tells you what agents exist. It does not tell you who owns them, what data they can reach, or who is accountable when something goes wrong. The organizations that treat these as equivalent will discover the gap at the worst possible moment.
2. The data layer matters as much as the agent layer. An agent is only as good as the data it is built on. Organizations that have not done the work of cleaning, certifying, and governing their Microsoft 365 content will not fix that problem by adding agents on top. They will amplify it. Agent 365 governs the agents. The environment they draw from; SharePoint sites, Teams channels, OneDrive files, must be governed separately.
3. Ownership is the governance primitive. Across every perspective in this whitepaper, IT security, compliance, data, architecture, the same principle emerges: if no one owns an agent, that agent should not exist. An ownerless agent is not a technical problem. It is an accountability gap that compounds over time as the agent accumulates access, runs workflows, and drifts from its original purpose.
4. The $15/user/month pricing debate is a proxy for a harder question. The contributors who push back on the price are not arguing that governance isn’t worth paying for. They are arguing that the licensing model matters, that charging every user for governance of agents they may not even know exist is a harder organizational sell than licensing the administrators responsible for managing them. That distinction is worth carrying into your own procurement and business case conversations.
5. This is infrastructure, not a project. Agent 365 at launch is a foundation, not a finished product. Much of what will define it is in preview or forthcoming. The organizations that treat AI agent governance as a continuous practice, with ownership, review cycles, and iteration, will be better positioned than those waiting for the platform to mature before they start.
Also Inside: A Free Agent Registry Tool
This whitepaper has an additional surprise: a free Agent Registry Tool. Find the prototype based on the Microsoft Graph Agent and App Package Management API. It gives you a complete view of agents in your tenant, on demand, with no data stored. No scripts required if you use the web interface. The link can be found in the chapter titled “AI Agents Are Making Governance Non-Negotiable” by Microsoft MVP, Frane Borozan.
About Agent 365
Agent 365 is Microsoft’s AI agent governance platform, launched May 1, 2026. It provides organizations with a centralized Agent Registry, Microsoft Entra Agent ID for AI agent identity management, integration with Microsoft Purview for data protection and compliance, and Conditional Access policy enforcement for AI agents across the Microsoft 365 ecosystem.
Agent 365 is available as a standalone license at $15 per user per month, and as part of the Microsoft 365 E7 bundle at $99 per user per month alongside Microsoft 365 E5, Microsoft Copilot, and the Entra Suite.
