CISO
Enterprise Architect
Compliance Officer
Industry relevance
Financial Services
Government
Retail
APRIL 30, 2026
The Agent 365 tooling gateway moves AI agent enforcement to pre-execution blocking. If yours isn’t configured, agents are acting before any control fires.
Microsoft published the inaugural In the Loop security update on April 30, 2026, authored by Alym Rayani, VP of Marketing for Microsoft Security. Highlights include: Microsoft Defender capabilities in preview in the Agent 365 tooling gateway enabling near-real-time detection, blocking, and investigation of anomalous AI agent behavior using webhooks before execution; Defender for Cloud integration with GitHub Advanced Security reaching GA for unified development lifecycle security visibility; and Microsoft Purview Data Security Investigations offering AI-powered deep content analysis for data security incidents.
GOVERNANCE IMPLICATION
The Agent 365 tooling gateway preview shifts the enforcement surface for agent actions from post-incident review to pre-execution prevention — a material change in what can be demonstrated to a regulator. Organizations that have deployed agents without configuring the tooling gateway are running agents that can execute actions before any detection fires. That is the Accountability Assumption in its most exposed form: the assumption that detection and logging is sufficient when the control point is actually pre-execution.
SCENARIO
An enterprise retailer has deployed 12 Copilot Studio agents for inventory, logistics, and customer service workflows. The security team learns the Agent 365 tooling gateway preview enables near-real-time pre-execution blocking of anomalous agent behavior. The CISO asks whether the gateway has been configured for the 12 deployed agents. IT confirms it has not. The CISO then asks what happens when an agent executes an anomalous action before the gateway is configured. The answer: the action executes, is logged, and is reviewed post-incident.
THE GOVERNANCE QUESTION
Have you configured the Agent 365 tooling gateway for your deployed agents — and if not, what is executing before your first detection fires?
CONTROL GAP
Organizations that have deployed agents without configuring the Agent 365 tooling gateway are operating with detection-only coverage — anomalous agent actions execute before any control fires. The shift to pre-execution blocking is available but requires deliberate configuration that most deployments have not completed.
REGULATORY RELEVANCE
SEC Cyber
FFIEC
DORA
OCC
PRIMARY SOURCE
What's new, updated, or recently released in Microsoft Security
Alym Rayani
April 30, 2026
Read the primary source ->(opens in new tab)CONTINUE READING
JUNE 2, 2026
AgentsMicrosoft announced Scout at Build 2026 on June 2, 2026, as the first product in a new agent category called Autopilots. Scout is an always-on agent operating across Microsoft 365 apps including Teams, Outlook, OneDrive, and SharePoint, with its own governed Microsoft Entra identity. It is available in private preview for Frontier enterprise customers requiring a GitHub Copilot subscription, built on the OpenClaw open-source agent framework. The announcement was published on the Microsoft 365 Blog by Omar Shahine, Corporate Vice President, Microsoft 365.
JUNE 2, 2026
AgentsOn June 2, 2026, Microsoft announced the Agent Control Specification (ACS) and ASSERT at Build 2026, authored by Sarah Bird on the Microsoft Foundry Blog. ACS is an open industry specification, part of the Agent Governance Toolkit, that places deterministic safety and security controls at five validation checkpoints in an agent's lifecycle: input, LLM, state, tool execution, and output. Controls are expressed as portable, versionable, auditable policy and are designed to work across any agent framework. ASSERT, a separate open-source project, converts written policies into executable evaluation scenarios. ACS launched with customer and partner endorsement including KPMG, Zscaler, IBM, and Arize AI.
MAY 11, 2026
AgentsMicrosoft Copilot Studio published April 2026 feature updates on May 11, 2026, authored by Nitasha Chopra, VP and COO of Copilot Studio. Key releases include the Analytics Viewer role reaching GA providing read-only access to agent analytics separated from configuration rights; agent nodes embeddable directly into workflows to delegate AI reasoning within deterministic automation; MCP server-enabled tools in preview for external system connectivity within workflows; and a centralized admin-controlled DLP-enforced environment for the Workflows Agent. The post also confirms Microsoft Agent 365 is now generally available as the centralized control plane for agents.