Agent 365 — Govern Your AI Agents — Free Mind Map

CCS governs the M365 Copilot product itself — what data Copilot sees, who can use it, how to roll it out. Agent 365 governs CUSTOM agents built in Copilot Studio, Foundry, or Agent Builder — discovering shadow agents, managing their lifecycle, controlling what data they connect to, monitoring what they do. CCS = Copilot product. Agent 365 = the agent ecosystem AROUND it. Most enterprises need both, but Agent 365 only becomes urgent once your makers start building real agents.

Not yet. M365 Copilot is governed by CCS — the agent governance layer applies once you (or your makers) start building CUSTOM agents in Agent Builder, Copilot Studio, or Foundry. If your makers haven't started yet, you're in 'pre-Agent 365' territory. Watch the signals: shadow agents popping up, makers asking for connectors, security teams seeing unfamiliar service principals. Those are the cues to start the Agent 365 conversation.

Entra Agent ID is Microsoft's identity-management surface for AI agents — same idea as Entra ID for users, but for agents. Each agent gets a registered identity (no shadow agents), assigned to a human sponsor (an accountable owner), tied to a lifecycle policy (auto-retire when sponsor leaves), and granted permissions via time-limited access packages. The 'badge' analogy in the name is intentional: agents are like new hires that need ID, manager, role, and an end date.

Purview policies (DLP, sensitivity labels, communication compliance, audit) now apply to agent identities the same way they apply to user identities. If a user can't share Confidential-labelled content externally via DLP, neither can an agent acting on that user's behalf. Audit logs show prompts, tool calls, data accessed — the same investigation surface admins use for users. The change in 2025-2026 was making agent activity FIRST-CLASS in Purview rather than buried in ad-hoc service-principal logs.