CISO
CIO
Enterprise Architect
Compliance Officer
Industry relevance
Financial Services
Healthcare
Government
Manufacturing
MAY 1, 2026
Agent 365 can now detect AI agents installed directly on employee devices and previously invisible to IT. First discovery will almost certainly surface agents that have never been formally authorized.
Microsoft's May 1, 2026 What's New in Agent 365 announcement introduced a Shadow AI page within Agent 365, enabled by Microsoft Defender and Microsoft Intune. The page identifies local agent activity on Windows devices: agents installed directly on company machines outside IT and security visibility. These local agents can read files, execute code, and act on behalf of users without touching managed cloud services, and were previously invisible to the Agent 365 registry. The Shadow AI page is the first native Microsoft control surface for detecting this category of ungoverned agent.
GOVERNANCE IMPLICATION
Local agents installed directly on company devices represent the highest-risk category of agent sprawl because they access organizational data and execute actions without appearing in any registry, compliance log, or governance framework. The Shadow AI page surfaces these agents for the first time in the Microsoft governance stack. For regulated organizations, the Shadow AI page's initial population will almost certainly reveal agents operating outside any authorization framework. The governance obligation that follows is not simply to see them: it is to determine which are approved, which require retroactive authorization, and which must be removed. Visibility without a defined remediation workflow produces a list, not a governed fleet.
SCENARIO
A large bank enables Agent 365's Shadow AI page in May 2026. The first scan identifies 34 local agents on employee devices across three business lines. None appear in the Agent 365 registry. The CISO asks compliance to determine which were approved by IT. Compliance finds no approval records for any of them. All 34 have been reading files and executing code on company devices for an average of four months without any authorization record.
THE GOVERNANCE QUESTION
When Agent 365's Shadow AI page runs its first scan of your environment, what is your documented process for evaluating each local agent it finds, determining which are approved, which require retroactive authorization, and which must be removed, and who owns that process before the scan runs?
CONTROL GAP
The Shadow AI page surfaces local agents but does not retroactively create authorization records or assign consequence owners. Discovery without a defined remediation workflow leaves the organization with a list of ungoverned agents rather than a governed agent fleet.
REGULATORY RELEVANCE
OCC
FINRA
FFIEC
SEC Cyber
NIST Ai RMF
PRIMARY SOURCE
What's New in Agent 365: May 2026
Microsoft Agent 365 Blog
May 1, 2026
Read the primary source ->(opens in new tab)CONTINUE READING
JUNE 2, 2026
AgentsMicrosoft announced Scout at Build 2026 on June 2, 2026, as the first product in a new agent category called Autopilots. Scout is an always-on agent operating across Microsoft 365 apps including Teams, Outlook, OneDrive, and SharePoint, with its own governed Microsoft Entra identity. It is available in private preview for Frontier enterprise customers requiring a GitHub Copilot subscription, built on the OpenClaw open-source agent framework. The announcement was published on the Microsoft 365 Blog by Omar Shahine, Corporate Vice President, Microsoft 365.
JUNE 2, 2026
AgentsOn June 2, 2026, Microsoft announced the Agent Control Specification (ACS) and ASSERT at Build 2026, authored by Sarah Bird on the Microsoft Foundry Blog. ACS is an open industry specification, part of the Agent Governance Toolkit, that places deterministic safety and security controls at five validation checkpoints in an agent's lifecycle: input, LLM, state, tool execution, and output. Controls are expressed as portable, versionable, auditable policy and are designed to work across any agent framework. ASSERT, a separate open-source project, converts written policies into executable evaluation scenarios. ACS launched with customer and partner endorsement including KPMG, Zscaler, IBM, and Arize AI.
MAY 11, 2026
AgentsMicrosoft Copilot Studio published April 2026 feature updates on May 11, 2026, authored by Nitasha Chopra, VP and COO of Copilot Studio. Key releases include the Analytics Viewer role reaching GA providing read-only access to agent analytics separated from configuration rights; agent nodes embeddable directly into workflows to delegate AI reasoning within deterministic automation; MCP server-enabled tools in preview for external system connectivity within workflows; and a centralized admin-controlled DLP-enforced environment for the Workflows Agent. The post also confirms Microsoft Agent 365 is now generally available as the centralized control plane for agents.