Microsoft is rolling out a series of governance, security, and multi-agent orchestration capabilities for Copilot Studio as it prepares to launch Agent 365, a dedicated control plane for managing AI agents across the enterprise, on May 1, 2026. The updates arrive as organizations scale AI-driven workflow automation beyond isolated pilots and confront mounting questions about data access controls, policy enforcement, and regulatory compliance. Together, the releases signal Microsoft's intent to redefine how IT departments and lines of business collaborate on governing autonomous AI at enterprise scale.

Background

Before 2025, most AI agents were experimental-narrow in scope, manually triggered, and siloed to individual users or teams. Over the past twelve months, organizations have shifted from exploring AI to expecting measurable impact, moving AI from helping individuals work faster to helping organizations optimize workflows.[1] Copilot Studio provides managed security, governance, and operations management capabilities, giving IT and security teams the visibility, control, and confidence needed to enable agent creation and adoption at enterprise scale.

However, enterprises have discovered a critical gap: most AI agents are deployed without standardized identity, access governance, or security oversight, creating operational blind spots and risks that traditional IT controls were not designed to handle.

Details

Multi-Agent Orchestration Reaches General Availability

This month, Copilot Studio is making several multi-agent capabilities generally available, including Microsoft Fabric integration, Microsoft 365 Agents SDK orchestration, and Agent-to-Agent (A2A) communication-all designed to help agents operate as a coordinated system rather than in isolated silos. With A2A support, Copilot Studio agents can communicate with and delegate work to first-party, second-party, or third-party agents using an open protocol, reflecting that the future of enterprise AI will not belong to a single stack.

The interoperability push also extends to legacy and external systems. Agents can now use unstructured data from platforms like Salesforce, ServiceNow, and Zendesk, as well as structured data from Snowflake, Databricks, and SAP. Copilot Studio now supports more than 1,400 external connectors and Model Context Protocol (MCP) servers for enterprise data integration, according to Microsoft's product documentation.

Agent 365: Identity and Governance at Scale

Microsoft Agent 365 provides a centralized set of capabilities for governing, securing, and operating AI agents at enterprise scale, launching on May 1, 2026. Agent 365 assigns each agent a Microsoft Entra Agent ID, enabling least-privilege access, conditional access, and lifecycle management. The platform provides detailed logging, reporting of agent actions, data security risks, security events, and audit trails to support compliance and performance assessment.

Agent 365 is priced at $15 per user per month as a standalone license and is also included in the new Microsoft 365 E7 suite, priced at $99 per user per month, according to Microsoft's pricing disclosures.

Microsoft Power Platform governance and administration now includes admin controls for agent security, real-time risk assessment in Copilot Studio, and AI-powered governance agents that automate tenant monitoring and remediation.

Regulatory and Security Context

In December 2025, OWASP published the Top 10 for Agentic Applications for 2026-the first formal taxonomy of risks specific to autonomous AI agents. Regulatory frameworks are following: the EU AI Act's high-risk AI obligations take effect in August 2026, and the Colorado AI Act becomes enforceable in June 2026. Microsoft also released an open-source Agent Governance Toolkit on April 2, 2026, an MIT-licensed project that brings runtime security governance to autonomous AI agents, claiming to be the first toolkit to address all 10 OWASP agentic AI risks with deterministic, sub-millisecond policy enforcement.

Outlook

Agent 365 is fundamentally anchored to the Microsoft ecosystem, providing strong governance for agents running through Azure, Microsoft 365, and Entra-integrated systems-but enterprise agents do not confine themselves to one identity plane or one cloud runtime. As multi-cloud and cross-platform agent deployments grow, the adequacy of single-vendor governance models will be tested. Organizations planning to scale AI-driven workflows face a May 1 deadline to evaluate licensing, identity architecture, and policy frameworks ahead of Agent 365's general availability.