Microsoft Agent 365 Reaches General Availability at $15 per User With Multicloud Registry Sync to AWS Bedrock and Google Gemini
Microsoft's enterprise agent control plane went GA on May 1, 2026, adding local Windows agent discovery, Windows 365 for Agents, and public-preview registry sync to AWS Bedrock and Google Gemini Enterprise.
Editor's Note ·
- Clarification:
- winbuzzer.com is not on the project's source_allowlist. It is a Microsoft-focused tech-news outlet with consistent factual reporting; all claims attributed to it (local Windows agent management, $15/user pricing, Salesforce/ServiceNow exclusion) were verified verbatim against the snapshot during review. Adding winbuzzer.com to config/source_allowlist.txt is recommended.
Overview
Microsoft Agent 365, the company’s enterprise control plane for governing and securing AI agents, reached general availability on May 1, 2026, according to the Microsoft Security Blog. The product is priced at $15 per user per month standalone, or bundled into the new Microsoft 365 E7 enterprise plan at $99 per user per month, as detailed by Nerd Level Tech.
The GA release moves Agent 365 from the Frontier preview tier — first introduced at Ignite 2025 — into a paid commercial product, as Winbuzzer reported. The launch also expands the product beyond cloud-only governance, adding local agent management for Windows endpoints and a public-preview registry sync that pulls inventory from AWS Bedrock and Google’s Gemini Enterprise Agent Platform.
Agent 365 is positioned as a single management layer for what Microsoft describes as growing “agent sprawl” inside enterprises. It builds on architectural patterns the company laid out earlier this year when it extended its Zero Trust framework to AI agents, and on the Microsoft Agent Framework 1.0 developer SDK released in April.
What Shipped at General Availability
The GA release organizes Agent 365 around five core capabilities, according to the Microsoft Security Blog: a registry that gives administrators a single source of truth for every agent in the environment, access controls that limit what agents can read and do, visualization dashboards, interoperability with third-party agent platforms, and security tooling.
Under the hood, the control plane ties into Microsoft’s existing identity and security stack. Each agent is issued its own Microsoft Entra Agent ID with least-privilege permissions, as Nerd Level Tech describes. Microsoft Purview sensitivity labels propagate into agent prompts and gate data-loss-prevention enforcement at the agent level. Microsoft Intune evaluates device posture and can restrict or shut down agents running on non-compliant machines. Microsoft Defender monitors agent runtime behavior — including unexpected child processes, unusual network calls, and tampering with protected registries — and can block agents at runtime when policies trigger.
Microsoft Entra network controls have been extended to Agent 365 agents at GA, restricting outbound connections to approved destinations, the Microsoft Security Blog states. The same blog post lists the components reaching GA versus those entering public preview: the control plane itself, agents operating with delegated user access, agents using their own credentials, and the Entra network-control extension are all generally available, while team-workflow participation, Windows 365 for Agents, AWS Bedrock and Google Cloud registry sync, and Defender context mapping remain in preview.
Local Agents and Windows 365
The most material expansion at GA is local agent management on Windows. Defender now discovers locally running AI agents on Windows endpoints — surfacing both managed and unmanaged “shadow” instances — and Intune distributes the policies that determine whether those agents can keep running, as Winbuzzer reported. Initial coverage targets agents on the OpenClaw platform, with Microsoft committing roadmap support for GitHub Copilot CLI and Claude Code, the same Winbuzzer report states.
Microsoft also introduced Windows 365 for Agents, a new Cloud PC class that places agents on managed virtual desktops with the same identity, security, and management posture as employee endpoints. The tier is in public preview in the United States and requires an Agent 365 license, an Intune license, and an active Azure subscription, according to Winbuzzer.
A second wave of Defender and Intune capabilities — context mapping, policy-based action controls, and runtime blocking and alerts for local agents — is scheduled to enter public preview in June 2026, per the Microsoft Security Blog.
Multicloud Registry Sync
Alongside GA, Microsoft turned on registry sync between Agent 365 and two competing agent platforms: AWS Bedrock and Google’s Gemini Enterprise Agent Platform. Both connectors are in public preview and provide registry-level governance only — discovery, inventory, and basic lifecycle controls — rather than full runtime enforcement, as Nerd Level Tech notes.
The practical implication is that an Agent 365 administrator can now see agents running in Bedrock or Gemini Enterprise alongside Microsoft-hosted agents in a single inventory, even though policy enforcement on those external platforms still falls to their native controls. Winbuzzer notes that Salesforce Agentforce and ServiceNow AI Agents — already in general availability since 2024 on their own platforms — are not part of the current preview wave.
Partners and Customers
Microsoft named two tiers of partners at launch. Enterprise services partners include Accenture, KPMG, Cognizant, Capgemini, Avanade, Deloitte, EY, PwC, TCS, Bechtle, Insight, Protiviti, and Slalom, while software development launch partners include Genspark, Zensai, Egnyte, Zendesk, Kasisto, Kore.ai, and n8n, according to the Microsoft Security Blog. Adobe, SAP, Zendesk, and Manus are also building Agent 365-compatible tools, as Winbuzzer and Nerd Level Tech report.
NTT DATA Group Corporation was named as a launch customer. Yuji Shono, Head of Global AI Office at NTT DATA Group, said: “With Agent 365, we can scale and govern AI agents with confidence, while maintaining enterprise grade security and control,” in a quote published by Microsoft.
Raj Koneru, CEO of Kore.ai, framed the underlying market problem: “Enterprises can easily build AI agents today, but scaling them with trust and governance is where most initiatives stall,” according to the same Microsoft post.
What We Don’t Know
Microsoft has not disclosed how many enterprises participated in the Frontier preview, what attach rates the company is targeting for Agent 365 either as a standalone or inside the E7 bundle, or how the registry-sync connectors will evolve from inventory-only to full runtime enforcement. The June 2026 preview wave for Defender context mapping and Intune policy-based controls also has not been given a firm GA date.
The broader question — whether enterprises adopt a single multicloud control plane or stay with the native governance tools of each agent platform — will not be answerable from a single product launch. AWS Bedrock and Google Gemini Enterprise Agent Platform both ship their own identity and policy stacks, and Microsoft’s registry-sync approach for now reads inventory rather than imposing policy across clouds.