Microsoft, at its Build 2025 conference, has introduced the public preview of Microsoft Entra Agent ID. This marks a significant move to secure the expanding role of AI agents within enterprises. The new service provides crucial identity and access governance for these non-human actors. Organizations can now manage and audit them via the Microsoft Entra admin center. The initiative directly addresses the growing need for a Zero Trust security framework. This is especially important as AI agents, developed on platforms like Microsoft Copilot Studio and Azure AI Foundry, increasingly perform autonomous tasks.
The urgency for such governance is highlighted by Microsoft’s own rapid internal adoption, the company already utilizes 27,000 AI agents. This number reflects significant “agent sprawl,” a term used by Alex Simons, Microsoft’s corporate vice president for product management and identity security. Simons articulated the core objective, saying: “Our goal is simple: bring the same protections and controls you rely on for workforce identities to AI agents—your new digital teammates.”
This strategy involves integrating agent identities with comprehensive security tools. These include Microsoft Purview for data security and Microsoft Defender for threat protection. Furthermore, Microsoft is fostering an ecosystem through partnerships with workforce systems providers ServiceNow and Workday. The aim is to treat AI agents as integral and secure digital teammates.
Governing the New Agentic Workforce
Microsoft Entra Agent ID, announced at Microsoft Build, extends established workforce identity protections to this new generation of AI agents. Initially, the service supports agent identities created in Microsoft Copilot Studio, Azure AI Foundry, and Microsoft Security Copilot. Identity managers can now view and organize these agents. They can use a new “Agent ID (Preview)” filter within the Enterprise applications section of the Entra admin center. Simons, in discussion with CRN, likened the Agent ID concept to “a car’s VIN number, which automatically comes with every new car and allows the vehicle to be tracked over time.”
Looking forward, Microsoft plans substantial enhancements for Entra Agent ID over the next six months. Microsoft indicates these will include more sophisticated access management, security features, and identity governance capabilities. Support will also broaden to encompass agents from Microsoft 365 Copilot and various third-party solutions.
This vision supports what Microsoft calls the “Frontier Firm,” an organization where human and AI collaboration is central. According to Microsoft’s 2025 Work Trend Index, most organizations are expected to be on this transformative path within two to five years. Industry analyst Frank Dickson of IDC, also referenced by the Microsoft Security Blog, noted that as AI agents become more capable, robust identity measures are vital. He concluded that “Microsoft Entra Agent ID is a huge step” in providing an industry solution.
Zero Trust Meets AI Security and Compliance
Microsoft’s strategy for AI agent security is firmly rooted in its Zero Trust framework. This framework mandates verification for every access request. To bolster this, Microsoft Purview’s data security and compliance controls are being extended to AI agents. This includes native support for agents built within Azure AI Foundry and Copilot Studio. A new software development kit (SDK) for custom AI applications is also part of this. These measures aim to mitigate risks such as data oversharing and support regulatory compliance.
Complementing these efforts, Microsoft Defender will integrate AI security posture management recommendations. Runtime threat protection alerts will also be integrated directly into Azure AI Foundry. This allows developers to proactively address vulnerabilities. A specific enhancement within Azure AI Foundry is the “Spotlighting” capability, now in preview. This feature is built into Content Safety. Its purpose is to improve Prompt Shields against indirect prompt injection attacks. These initiatives align with Microsoft’s broader Secure Future Initiative.
Building an Open and Collaborative Agent Ecosystem
Microsoft emphasizes that securing AI agents effectively requires industry-wide collaboration. The company actively supports and contributes to interoperability protocols. These include Agent2Agent (A2A), a protocol for inter-agent communication, and the Model Context Protocol (MCP). The MCP is being integrated across platforms, including GitHub, Copilot Studio, and Azure AI Foundry. Microsoft describes MCP as a “universal USB-C connector for AI.”
This commitment to openness was echoed by Microsoft CEO Satya Nadella, who said that the company aims to build an open ecosystem. In this ecosystem, no application or AI agent is tied to a specific large language model (LLM). Nadella highlighted GitHub Copilot’s evolution, stating Microsoft is “taking GitHub Copilot from being a pair programmer to peer programmer.”
He further explained that a new full coding agent, built into GitHub, can autonomously complete assigned tasks like bug fixes or new feature development. The GitHub Copilot coding agent is now generally available to Copilot Enterprise and Copilot Pro+ subscribers.
1. Coding agent: We are taking GitHub Copilot from being a pair programmer to peer programmer. You now have a full coding agent built right into GitHub. You can assign it issues – whether it’s bug fixes, new features, or ongoing code maintenance. And it will complete these tasks… pic.twitter.com/ZRPhErOBpk
— Satya Nadella (@satyanadella) May 19, 2025
It functions by creating its own workspace using GitHub Actions to analyze codebases. GitHub CEO Thomas Dohmke elaborated that the agent, ’embedded directly into GitHub,’ begins its work upon being assigned a GitHub issue. It then ‘spins up a secure and fully customizable development environment powered by GitHub Actions.’
The agent pushes commits to a draft pull request, and its progress can be tracked via session logs. Details on the agent’s usage of premium requests and GitHub Actions minutes are available in GitHub documentation.
