Sonnet Code
AI & Machine Learning · May 2, 2026 · 8 min read

Microsoft Agent 365 Just Set the Procurement Floor for Enterprise Agents

The control plane shipped before the agents did

On May 1, Microsoft moved Agent 365 out of preview and made it generally available — a unified control plane inside Microsoft 365 to discover, govern, and secure AI agents across Windows endpoints, Azure, and any other cloud the customer happens to be running. It's bundled into the new Microsoft 365 E7 SKU at $99 per user per month, or sold standalone at $15 per user per month. The standalone price is the one to pay attention to: it's the first time the right to govern an agent has been priced separately from the right to use one.

That separation matters more than it sounds. For most of the last two years, "AI governance" inside enterprises has been a slide in a steering-committee deck — a list of principles, a couple of policies, maybe a Center of Excellence with no enforcement teeth. As of May 1, governance is a product, with a SKU, an admin console, and a registry of every agent the org has put into production. That changes who has to pay attention.

What's actually inside Agent 365

Microsoft pitches three pillars: observe, govern, secure. In practice, the GA release ships:

  • A central agent registry. Every approved agent — Microsoft-built, vendor-supplied, internally-built — gets registered with an identity, an owner, a scope of permissions, and a lifecycle state.
  • Cross-cloud registry sync (public preview) that pulls agent inventory from AWS Bedrock and Google Cloud and lands it inside the Microsoft 365 admin surface. The admin doesn't need to log into three consoles; the agent fleet lives in one.
  • A "Shadow AI" page, powered by Microsoft Defender and Intune, that surfaces unmanaged local agent activity on Windows devices and lets IT apply endpoint controls before unsanctioned agents accumulate.
  • Policy and approval workflows at the registry level — who can deploy, who can approve, what scopes are allowed, what gets audited.

The cross-cloud piece is the part most teams misread. Microsoft did not build Agent 365 to be a Microsoft-only governance plane. They built it to be the place where the IT org sees every agent — including the ones running on Bedrock, on Vertex, on private clouds — because the IT org is the buyer and the IT org doesn't pick favorites between hyperscalers. The bet is that whoever owns the registry owns the procurement conversation.

Why this is a procurement event, not a product event

If you sell software into enterprise, the next twelve months of RFPs are going to ask three questions that didn't appear before:

  1. Is your agent registerable in Agent 365 (or an equivalent)? Concretely: does it expose an identity, a permission scope, a lifecycle state, and an audit trail in a format an enterprise IT team can ingest?
  2. What does the human-in-the-loop story look like? Approval flows, escalation paths, override mechanics — all governance-shaped questions the steering deck used to wave at, now answered by checking what fields the agent emits.
  3. How does deprecation work? When the buyer wants to retire your agent, can they revoke its identity, its scopes, and its data access in one operation, or does it take a six-week project?

Vendors that can answer those cleanly are going to clear procurement faster. Vendors that can't are going to lose deals to vendors that can — not because their agents are worse, but because the buying committee added a security and IT seat that wasn't at the table for the last RFP.

What this means for product teams building agents

The shift is concrete and immediate:

  • Bake registration metadata into the agent from day one. Identity, owner, scope, lifecycle state, eval suite reference — these are no longer admin afterthoughts; they're part of the agent's contract with the runtime.
  • Treat the action surface as a governed resource. What systems the agent can write to, with what scope, under what approval — that's what governance teams will diff between v1 and v2 of your agent. Make those diffs visible, not buried in code.
  • Expose a deprovisioning path. When the customer's IT team revokes the agent, what does graceful shutdown look like? In-flight work, queued tasks, dependent agents — all of it needs to handle a revoke event without leaving state corrupted.
  • Write the audit trail before you write the prompt. If the agent can take an action, the action needs to land in a log that an external auditor can read. Retrofitting this after launch is twice the work.
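
The sketch below is an added example, not code from Microsoft or from the original article. It shows one way a registration manifest can make the action-surface diff between two agent versions explicit and make revocation a single audited operation. The manifest layout, field names, scope ladder, and sample agents are all hypothetical and are not an Agent 365 schema.

```python
# Added example. The manifest layout is hypothetical, not an Agent 365 schema.
REQUIRED = ("agent_id", "owner", "lifecycle", "version", "actions")
SCOPE_RANK = {"read": 0, "write": 1, "admin": 2}  # assumed scope ladder
EXPANDING = {"added", "scope_widened", "approval_relaxed"}

def missing_fields(manifest):
    """Registration fields that are absent or blank."""
    return [f for f in REQUIRED if manifest.get(f) in (None, "")]

def diff_action_surface(old, new):
    """Governance-relevant changes between two versions, sorted by system."""
    before = {a["system"]: a for a in old["actions"]}
    after = {a["system"]: a for a in new["actions"]}
    changes = []
    for system in sorted(before.keys() | after.keys()):
        b, a = before.get(system), after.get(system)
        if b is None:
            changes.append((system, "added", a["scope"]))
        elif a is None:
            changes.append((system, "removed", b["scope"]))
        else:
            delta = SCOPE_RANK[a["scope"]] - SCOPE_RANK[b["scope"]]
            if delta:
                kind = "scope_widened" if delta > 0 else "scope_narrowed"
                changes.append((system, kind, f"{b['scope']}->{a['scope']}"))
            if b["approval"] == "human" and a["approval"] != "human":
                changes.append((system, "approval_relaxed", f"human->{a['approval']}"))
    return changes

def needs_review(changes):
    """Changes that expand what the agent may do; these should block auto-approval."""
    return [c for c in changes if c[1] in EXPANDING]

def revoke(manifest, audit_log, actor):
    """Deprovision in one operation: log each dropped scope, return the revoked manifest."""
    for a in manifest["actions"]:
        audit_log.append({"agent": manifest["agent_id"], "event": "scope_revoked",
                          "system": a["system"], "scope": a["scope"], "actor": actor})
    return {**manifest, "lifecycle": "revoked", "actions": []}

# Constructed sample manifests for two versions of one agent.
V1 = {"agent_id": "invoice-bot", "owner": "finance-ops", "lifecycle": "active", "version": "1.0",
      "actions": [{"system": "crm", "scope": "read", "approval": "none"},
                  {"system": "ticketing", "scope": "write", "approval": "human"}]}
V2 = {**V1, "version": "2.0",
      "actions": [{"system": "crm", "scope": "write", "approval": "none"},
                  {"system": "ticketing", "scope": "write", "approval": "none"},
                  {"system": "payments", "scope": "read", "approval": "none"}]}

if __name__ == "__main__":
    for change in diff_action_surface(V1, V2):
        print(change)
```

Run against the two sample versions, the diff reports a widened CRM scope, a newly added payments system, and a dropped human approval on ticketing, all three of which `needs_review` flags.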

The teams that get this right won't talk about it as governance. They'll talk about it as being deployable in regulated workflows — which is the framing that wins enterprise deals.

Where the floor is now

The clearest read on Agent 365 is that Microsoft just set a floor for what enterprise-grade agentic software has to look like. Not all agents will reach the floor — most consumer-facing or developer-tooling agents don't have to. But agents that want to live inside Fortune 500 IT estates now have a checklist they can pass or fail, and the checklist is owned by the buyer's IT org rather than by the vendor's marketing team.

That's a healthy development. Agent governance was always going to harden into a product category; the open question was whether it would consolidate around a hyperscaler or fragment across a dozen niche vendors. Microsoft moving first, with multi-cloud sync built in, suggests consolidation. Expect AWS and Google to ship matching control planes within two quarters.

Sonnet Code's take

We build agent-integrated products for clients whose buyers care about governance — regulated SaaS, financial services, healthcare, public sector. The Agent 365 GA changes our default architecture: every new agent we ship has a registration manifest, a scoped action surface, an audit-trail-first design, and a deprovisioning path on day one. None of that is exotic; it's the work that used to get added in the third sprint. Now it's part of the first.

If you're building agents for an enterprise audience and the registration story isn't already in your design, the conservative move is to add it before procurement asks. The aggressive move is to lead with it in the sales conversation. We help product teams do both — and on the AI Training side, we run the evals and red-team coverage that lets a customer's IT team stamp the agent as deployable. Talk to us before the next RFP cycle catches you mid-build.