CISO
Enterprise Architect
Compliance Officer
Industry relevance
Financial Services
Healthcare
Government
DECEMBER 17, 2025
MCP-enabled agents now appear in the M365 admin center — for the first time, organizations can see what data and capabilities each agent can reach.
Microsoft added inventory visibility for MCP-enabled agents in the Microsoft 365 admin center. Admins can view the MCP server URL, authentication type, dynamic or static designation, and a full breakdown of capabilities and data sources for each MCP-powered agent in the tenant. Frontier program customers find these under Agents, All agents, Registry.
GOVERNANCE IMPLICATION
MCP server visibility in the Microsoft 365 admin center closes a specific observability gap for agents built on the Model Context Protocol. Before this capability, agents using MCP connectors were often invisible to IT administrators — the admin center showed the agent but not the external capabilities and data sources it could reach through MCP. For regulated organizations, MCP-enabled agents with access to external data sources, APIs, and services represent an expanded attack surface and a compliance scope that was previously difficult to audit. The visibility is the starting point, not the control.
SCENARIO
A financial services firm's security team uses the new M365 admin center MCP inventory to audit its agent population for the first time. They identify an agent built by a business analyst that connects to an external MCP server hosted by a third-party data provider. The MCP server has access to the firm's internal SharePoint library through a connector the analyst configured. The external server was never assessed in the firm's vendor risk management process. The agent has been operational for four months.
THE GOVERNANCE QUESTION
Visibility into your MCP-enabled agents is the starting line. You can now see what each agent can do and what data it can reach. The harder question is not whether you can see them but whether each one has a named owner, a documented scope, a defined expiration or review date — and what happens to your compliance posture when the answer to any of those is no.
CONTROL GAP
MCP server connections established by agents do not require IT approval through any existing procurement or vendor assessment process. An agent creator can add a third-party MCP server connection without IT visibility until the MCP inventory feature is actively monitored by an assigned reviewer on a defined cadence.
REGULATORY RELEVANCE
OCC
FINRA
FFIEC
SEC Cyber
NIST Ai RMF
PRIMARY SOURCE
What's New in Microsoft 365 Copilot | November & December 2025
Microsoft
Read the primary source ->(opens in new tab)CONTINUE READING
JUNE 2, 2026
AgentsMicrosoft announced Scout at Build 2026 on June 2, 2026, as the first product in a new agent category called Autopilots. Scout is an always-on agent operating across Microsoft 365 apps including Teams, Outlook, OneDrive, and SharePoint, with its own governed Microsoft Entra identity. It is available in private preview for Frontier enterprise customers requiring a GitHub Copilot subscription, built on the OpenClaw open-source agent framework. The announcement was published on the Microsoft 365 Blog by Omar Shahine, Corporate Vice President, Microsoft 365.
JUNE 2, 2026
AgentsOn June 2, 2026, Microsoft announced the Agent Control Specification (ACS) and ASSERT at Build 2026, authored by Sarah Bird on the Microsoft Foundry Blog. ACS is an open industry specification, part of the Agent Governance Toolkit, that places deterministic safety and security controls at five validation checkpoints in an agent's lifecycle: input, LLM, state, tool execution, and output. Controls are expressed as portable, versionable, auditable policy and are designed to work across any agent framework. ASSERT, a separate open-source project, converts written policies into executable evaluation scenarios. ACS launched with customer and partner endorsement including KPMG, Zscaler, IBM, and Arize AI.
MAY 11, 2026
AgentsMicrosoft Copilot Studio published April 2026 feature updates on May 11, 2026, authored by Nitasha Chopra, VP and COO of Copilot Studio. Key releases include the Analytics Viewer role reaching GA providing read-only access to agent analytics separated from configuration rights; agent nodes embeddable directly into workflows to delegate AI reasoning within deterministic automation; MCP server-enabled tools in preview for external system connectivity within workflows; and a centralized admin-controlled DLP-enforced environment for the Workflows Agent. The post also confirms Microsoft Agent 365 is now generally available as the centralized control plane for agents.