Microsoft launches Agent 365 and Zero‑Trust AI at RSAC 2026, cementing identity as core

Agent 365 arrives as a unified control plane that stitches together Microsoft Defender, Entra ID, and Purview to give administrators granular visibility into every AI‑agent interaction across the enterprise. According to The Nexus Guard report, the platform enforces identity‑based governance, blocks data‑oversharing, and surfaces anomalous behavior in real time, effectively turning “agent activity” into a first‑class security asset rather than a black‑box service (The Nexus Guard, Mar 22). The rollout, which moves to general availability on May 1, also introduces a new identity‑security dashboard that aggregates policy compliance, threat detection, and remediation metrics in a single pane, allowing security teams to audit agent lifecycles from provisioning to decommissioning without leaving the Microsoft ecosystem.

Zero‑Trust for AI extends Microsoft’s broader zero‑trust architecture to the rapidly expanding class of generative‑AI workloads. The company released a set of guidance documents and tooling that require continuous identity verification for every AI request, mirroring the same principles that have driven API and network security priorities for CISOs in recent years (VentureBeat, “APIs and zero trust named as top priorities for CISOs in 2023”). A formal Zero‑Trust Assessment for AI is slated for summer 2026, promising a standardized checklist that will evaluate credential hygiene, least‑privilege access, and telemetry coverage for AI services deployed on Azure or hybrid clouds.

Shadow‑AI detection, another component unveiled at RSAC 2026, leverages Entra Internet Access to surface previously unknown AI applications at the network layer. The feature, which entered GA on March 31, scans outbound traffic for signatures and behavioral patterns that match known AI models, flagging rogue or unsanctioned agents that might otherwise bypass corporate policy (The Nexus Guard, Mar 22). By surfacing these “shadow” instances, Microsoft aims to close a gap that its own research identified: 80 % of Fortune 500 firms already use AI agents, and many of those agents can become “double agents,” inadvertently leaking data or executing malicious commands.

The announcements are deliberately framed around identity as the security foundation. Microsoft’s messaging, as captured by The Nexus Guard, emphasizes that “identity is the foundation of modern security, the most targeted layer in any environment, and the first line of defense.” All three new services—Agent 365, Zero‑Trust for AI, and Shadow‑AI detection—rely on Entra ID’s passkey integration and Ed25519‑based cryptographic keys to authenticate agents, enforce policy, and generate audit trails. This identity‑centric approach mirrors the broader industry trend highlighted by VentureBeat, where APIs and zero‑trust frameworks have become top priorities for security leaders (VentureBeat, 2023).

However, the report notes that Microsoft’s solution remains bounded to its own cloud stack. Agent 365 can secure agents that run on Azure, but it does not address cross‑platform identity scenarios where an agent authenticates via Azure AD yet calls services on AWS or GCP, or participates in multi‑organization workflows that span disparate clouds (The Nexus Guard, Mar 22). The lack of a portable, decentralized identity layer—such as the Agent Identity Protocol (AIP) that uses DIDs and verifiable credentials—means that enterprises with heterogeneous environments may still need supplemental tooling to achieve true peer‑to‑peer trust. The report warns that relying solely on Microsoft’s identity infrastructure creates a single point of failure, especially for agents that migrate between clouds or operate outside the Microsoft ecosystem.

In sum, Microsoft’s RSAC 2026 rollout positions identity at the core of AI security, delivering a cohesive set of controls that integrate seamlessly with its existing Defender, Entra, and Purview services. While the offering promises unprecedented visibility and policy enforcement for AI agents within Azure‑centric environments, analysts caution that broader industry adoption will hinge on interoperable standards—DIDs, verifiable credentials, and cross‑protocol trust frameworks—that can extend these protections beyond Microsoft’s borders. The convergence of platform‑specific solutions like Agent 365 with emerging open standards will likely define the next wave of enterprise AI security.