nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

How do you keep track of AI agents?

Ash C

Solutions from Microsoft, Okta, Permit.io, and LastPass can give you the visibility you need.

Microsoft’s new offerings for tracking and monitoring AI agents

In response to concerns raised at Identiverse 2025, Microsoft has introduced three distinct but interconnected offerings to track AI agents: Microsoft Entra Agent ID, Microsoft Entra Built-in Security Agents, and Microsoft Agent 365 (via Frontier Early Access program):

Microsoft Entra Agent ID is an identity and governance system for AI agents
Microsoft Entra Built‑in Security Agents are AI tools using Agent IDs to operate securely.
The Microsoft Agent 365 platform lets you observe, manage, and secure your AI agents, whether created with Microsoft or third-party platforms.

Best fit if:

You’re already using Microsoft 365, Azure AI Foundry, or CoPilot Studio
You’re already managing users through Entra ID (formerly Azure AD)
You’re in a compliance-heavy industry like healthcare, finance, legal, or government

Not ideal if:

Your business isn’t a Microsoft-first business
You’re a platform-agnostic business using AWS, Google, OpenAI, or Anthropic
You aren’t willing to invest in Microsoft 365 E5 licensing ($57 per user/per month)

#1 Microsoft Entra Agent ID (available in Public Preview)

This is the core identity program for AI agents:

Agent registry: Unified directory of all agents across your organization
Lifecycle Management: Assigns human owners to every agent and is least privilege by default (agents only get exactly what they need to complete tasks)
Conditional access policies: Sets rules for accessing data
Threat protection: Blocks actions by agents attempting privilege escalation or communications with suspicious external sources

#2 Microsoft Entra Built-in Security Agents

This offers three (3) production-ready security agents:

Conditional Access Optimization Agent. Aligns with Zero Trust and continuously monitors your Conditional Access policies and recommends improvements. According to a Microsoft study, businesses using this agent completed Conditional Access tasks 43% faster and 48% more accurately, with a 204% improvement in detecting missing baseline policies.
Identity Risk Management Agent. Identifies risky agents, generates a risk summary, and recommends remediations
Access Review Agent. Automatically gathers insights for each access review, generates approve/deny recommendations, and guides human reviewers through the process via natural language chat in Microsoft Teams

#3 Agent 365 (Frontier Early Access)

This comprehensive control plane was announced at Ignite 2025.

Agent 365 refers to Microsoft 365 Copilot’s agent framework, the AI assistant that works across Microsoft 365 apps like Teams, Outlook, Word, etc.

It gives each AI agent its own Microsoft Entra Agent ID and allows agents to be monitored in the Microsoft 365 admin center.

It has five (5) core capabilities:

Registry. Provides a complete view of all agents in your organization
Access control. Limits agent access to only the resources needed to complete tasks
Visualization. Shows interactions between agents, people, and data and assesses their impact on your business
Interoperability. Equips agents with apps & data to simplify human-agent workflows
Security. Detects threats against agents and remediates attacks against them

Note: For Agent 365, your agents can be built anywhere (whether on Microsoft or third-party platforms), but you must use Microsoft 365 as your management platform.