Cheers — Microsoft has launched its new AI agent governance layer, Microsoft Agent 365. If you’re a managed service provider (MSP) or managed intelligence provider (MIP), you may have a lot of questions about this — what Microsoft Agent 365 is, what it does, why now, etc. As your partner in all things Microsoft, Pax8 is here to help break it down for you. But first, let’s get a lay of the land.
Warning: When it comes to AI agents, it’s not all sunshine and rainbows.
The Current State of AI Agents
Here’s a somewhat scary thought: Your clients and their employees are building AI agents — programs that can possibly act autonomously with little to no user prompting or oversight — right now. Tools like Copilot Studio are making it easy for anyone to create an agent that reads SharePoint data, answers questions in Teams or processes emails on a user’s behalf.
Why is that scary? Because it’s only a matter of time before that 30-person accounting firm or 75-seat logistics company has agents running in their environment without IT knowing they exist.
As an MSP or MIP, this should sound familiar. It’s the same shadow IT problem you’ve spent years solving for devices and cloud apps, except this time the risk isn’t just another unapproved tool. It’s an AI-driven workflow acting inside the business with the full permissions of whoever built it.
What Is Microsoft Agent 365?
Microsoft announced Agent 365 on March 9, with general availability due May 1, 2026. The important distinction for partners: Agent 365 isn’t a tool for building agents. That’s still Copilot Studio and Azure AI Foundry. Agent 365 is the governance layer for managing them.
Think of it the way you might think about Intune for devices. It doesn’t do the work. It governs the things that do.
Microsoft organizes Agent 365 around three pillars:
- Observe: Visibility into the agent estate, including a centralized Agent Registry, usage analytics, relationship mapping and risk signals.
- Govern: IT-controlled onboarding, lifecycle management (activate, suspend, retire), ownership controls and policy-driven access through Entra Agent ID.
- Secure: Conditional Access for agents, DLP enforcement on agent interactions through Purview and threat protection through Defender, including prompt injection and data exfiltration detection.
Something worth noting, organizations can start gaining visibility into agents through the Agent Registry before full identity-based governance is applied. That makes early inventory work especially relevant for partners.
Why This Matters for Pax8 Partners
For small and medium-sized business (SMB) customers, the challenge is rarely too much governance. It’s usually the opposite.
For your typical Business Premium or Business Standard customer, there’s no centralized way to see or manage these agents today. Microsoft’s own data shows tens of millions of agents appeared in the Agent 365 registry within two months of preview availability. IDC projects 1.3 billion agents in circulation by 2028.
Without a centralized way to inventory and govern agents, most IT teams can’t answer basic questions: What agents exist? Who owns them? What business data can they access? What happens when the employee who created one leaves the company? That’s why governance matters early.
Think again about your typical Business Premium customer. They move fast, rely on lean IT operations and give business teams freedom to solve problems. That’s a strength until AI-driven automation starts spreading without a consistent operating model around ownership, permissions and oversight.
A marketing coordinator builds an agent that pulls from the company SharePoint site. An office manager sets up an agent to triage incoming emails. We’re not talking about rogue employees. These are productive people using the tools Microsoft is putting in front of them. The problem is that nobody is tracking what those agents can access or what happens when those employees move on.
That’s where partners can differentiate themselves. Instead of waiting for agent sprawl to become a security problem, MSPs and MIPs can lead with an agent governance conversation that sounds familiar to customers:
- Who is allowed to build agents?
- What data can they access?
- How are they reviewed and monitored?
- What’s the offboarding process when ownership changes?
Now, this becomes a managed service opportunity. For partners evolving from MSPs to MIPs, agent governance is a new service category that didn’t exist six months ago. You’re already managing identities, devices and security posture. Agents are the next category of assets that need the same treatment.
Pricing and How to Buy
Agent 365 is available as a standalone at $15 per user per month, and Microsoft 365 E7 includes it in the broader suite at $99 per user per month. The per-user license covers all agents acting on behalf of that licensed user, with no per-agent fees or consumption charges for the governance layer.
For your Business Premium and Business Standard customers, the standalone license at $15 adds the governance foundation they don’t have today: agent visibility, identity, lifecycle management and policy controls. It pairs naturally with the Defender Suite and Purview Suite add-ons that many partners are already positioning for those same customers, strengthening the security and governance story as agents enter the environment.
For enterprise customers E3 or E5, Agent 365 extends the security tools already in place to cover agents. For those running E5 with Copilot, E7 bundles everything into a single governed platform at $99, less than buying the components separately.
Lead with Governance, Not Fear
The strongest partner play here isn’t to overcomplicate things or try to scare your customers into buying something. It’s to make the next step obvious — you want to use the thing, so do it, just do it safely.
Start with a simple governance baseline:
- Inventory the agents in use.
- Identify ownership.
- Review what data and systems they touch.
- Define who can build or approve new agents.
- Document what happens when an agent needs to be paused, reassigned or retired.
That baseline creates a natural path into readiness assessments, security and compliance conversations, and lifecycle management services. For your Business Premium customers, it connects agent governance to the Defender and Purview add-on conversations you’re already having. For enterprise customers on E5 with Copilot, E7 wraps everything into a single governed platform.
Get Started Now
Agent 365 is set to be made available May 1, 2026. CSP launch promotions for annual terms run May 1 through December 31, 2026: 10% off for 10+ seats and 15% off for 100+ seats. Pricelist preview is due April 1.
With this exciting bit of data governance coming (say it with us: data governance is exciting!), now’s the time for Pax8 partners to start having the conversation. Help your Business Premium and Business Standard customers build the governance habits they’ll need as AI agents become part of daily work. That way, they can take advantage of this awesome new technology while staying secure — and keeping you as their trusted partners.
