Microsoft’s Vasu Jakkal On Why AI Agents Need Human-Level Security Controls

The rapid rise of AI agents—from chat assistants to autonomous code generators—has shifted security from a peripheral concern to a core design principle. IDC predicts 1.3 billion agents in use by 2028, and 80 percent of Fortune 500 firms already run them in production. Microsoft’s decision to broaden Agent 365 reflects a market reality: enterprises need a single pane of glass that surfaces every agent, whether hosted in Azure or running on a corporate laptop, to prevent shadow‑AI and data leakage.

Agent 365’s strength lies in its deep integration with Microsoft’s existing security portfolio. Defender supplies real‑time threat detection, while Entra provides each agent with a unique identity, enabling zero‑trust policies that mirror those used for human users. Intune extends configuration controls to on‑premise agents, allowing admins to block unsafe execution methods, and Purview enforces data‑handling rules across the AI lifecycle. The newly released SDK lets developers embed these safeguards directly into their code, turning security from an afterthought into a development‑time requirement.

For the broader ecosystem, the move unlocks significant partner opportunities. With more than 20,000 solution providers in Microsoft’s network, Agent 365 is positioned as a partner‑first offering within Microsoft 365 E7, simplifying resale and implementation. As organizations increasingly demand "secure‑by‑design" AI, the unified approach reduces tool fragmentation and accelerates time‑to‑value, giving Microsoft a competitive edge over rivals still piecing together disparate security products. The rollout signals that AI governance will be a decisive factor in enterprise cloud adoption over the next few years.