Microsoft took the wraps off Scout on June 2, 2026 at its Build conference, an always-on AI agent for Microsoft 365 that operates with its own governed Entra identity—a major step beyond simple chat assistants toward persistent, enterprise-managed automation. Built on the open-source OpenClaw framework, Scout marks the company’s first “Autopilot” agent, designed to work across Teams, Outlook, OneDrive, SharePoint, and even the user’s desktop and browser without waiting for prompts.
What Scout Actually Does
Scout isn’t another chatbot. While Copilot responds when you ask it a question, Scout watches for signals—an email that mentions a deadline, a Teams conversation about a stalled project, a calendar that’s filling up—and takes action on your behalf. It can propose meeting times, block focus time on your calendar, surface forgotten commitments, prepare briefing documents by pulling from relevant files and emails, and even monitor browser activity to understand context.
It lives in Teams as its primary interface, making it feel like a colleague you can message. Behind the scenes, it integrates with the entire Microsoft 365 graph: email, files, contacts, calendars, and more. According to Microsoft’s announcement, Scout can also tap into Model Context Protocol (MCP) servers, local resources, and browser sessions, giving it a broad reach that goes well beyond simple plugins. The agent is explicitly powered by the OpenClaw framework, and Microsoft is contributing policy conformance upstream to help bridge the gap between open-source agent flexibility and enterprise compliance needs.
Why Scout’s Own Identity Changes Everything
The most quietly radical part of the announcement is that Scout gets its own Entra ID identity. In practice, that means your organization’s IT department can treat Scout not as a tool you run, but as a non-human worker that must be authenticated, authorized, and audited. This is a massive shift from software that borrows a user’s permissions.
Because Scout has a distinct identity, every action it takes can be logged in Entra, scrutinized by Microsoft Purview data loss prevention policies, and restricted by Intune device policies. If it reads a sensitive file, that access shows up in logs under Scout’s name, not yours. If it tries to send an email, administrators can set rules that require a human to approve first. If it behaves suspiciously, its identity can be disabled or its credentials revoked instantly without affecting your own account.
Microsoft is also scoping its credentials carefully. The agent never gets your password; instead, it uses managed service credentials that are redacted from diagnostic logs and tied to specific, policy-enforced permissions. That reduces the risk of credential theft or accidental over-sharing. For IT admins, this means Scout is manageable like a service account—but one that can reason and make multi-step decisions. The preview requires explicit configuration in Intune, so it won’t just appear on users’ machines without oversight.
How We Got Here: From Copilot Prompts to OpenClaw Agents
The journey to Scout started with the explosion of large language models and the rapid adoption of Copilot in Microsoft 365. Copilot proved that users would accept AI in their daily workflow, but it remained a reactive tool—you ask, it answers. Meanwhile, the open-source project OpenClaw captured developers’ imaginations by creating agents that could run persistently, automate multi-step tasks, and integrate with real tools without waiting for a vendor’s roadmap.
OpenClaw also raised alarm bells among security teams. Its agents could string together actions, access credentials, and interact with systems in ways that were hard to audit. Microsoft’s strategy with Scout is classic: embrace the open-source innovation, wrap it with enterprise controls, and pitch it as the safe, governed path. As first reported by Computerworld, Microsoft is betting that enterprises will accept OpenClaw-style autonomy if it comes with a compliance story that’s legible to auditors.
What Scout Means for Your Organization
The practical impact depends on your role.
For business users: Scout promises to offload administrative busywork. Instead of manually coordinating meetings, digging through email chains for missing decisions, or blocking time for deep work, you might delegate these to the agent. But you’ll need to trust that it understands priorities and doesn’t embarrass you with colleagues. Microsoft’s “human in the loop” approach means you’ll still weigh in on sensitive actions, but the day-to-day friction could drop significantly.
For IT administrators: Scout is a new kind of workload to govern. You’ll need to decide which users get it, what data it can touch, how it authenticates, and what audit trails you require. The good news: because it’s tied to Entra and Intune, you can use existing tools. The challenge: you’re now managing software that can initiate actions across multiple systems, and policy misconfigurations could have broad impact. Start planning a pilot that focuses on governance before productivity.
For developers: Microsoft is building a whole agent stack around Windows. With Scout and the companion announcements—Microsoft Execution Containers, Windows 365 for Agents, local small language models—the desktop becomes a target for agent development. If you’re building internal automation, you can now target a governed execution environment rather than rolling your own security boundaries.
For security teams: Agentic AI introduces new attack surfaces. Scout’s design mitigates some risks with its identity model, but you’ll still need to evaluate how it handles prompt injection, data poisoning, and unintended side effects. The fact that it runs inside a Microsoft Execution Container on Windows is meant to limit blast radius, but early previews will need rigorous testing.
Getting Ready for Scout: A Practical Checklist
Scout is in private preview, and access is gated behind several requirements. If your organization is considering it, here’s what you need to know today:
- Enrollment: You must be part of Microsoft’s Frontier program, designed for organizations testing bleeding-edge features.
- Licensing: Each user who installs Scout needs a GitHub Copilot license—a curious tie-in that suggests Microsoft is targeting technically inclined early adopters.
- Policy Configuration: Intune policies must be set up to enable the agent and define its boundaries. You’ll also need to configure the agent’s Entra identity and permissions.
- Attestation: Your organization will have to formally opt in and acknowledge that you understand the implications of running an autonomous agent.
For admins, the preview period is the time to get your governance ducks in a row. Specifically:
- Map out what Scout should access. Start by limiting it to non-critical Teams channels, generic mailboxes, and test SharePoint sites. Expand gradually.
- Define approval workflows. Use Microsoft’s human-in-the-loop hooks to require explicit confirmation for sending external emails, touching sensitive files, or scheduling meetings with executives.
- Set up logging alerts. Pipe Scout’s Entra activity logs into your SIEM and create alerts for unusual patterns—high volumes of file access, off-hours activity, or interactions with unfamiliar domains.
- Plan for revocation. Know how to disable Scout’s identity and revoke its credentials instantly, and test that process before letting it run in production.
- Educate users. Explain that Scout is not invisible spyware; it acts on their behalf and they can see its activity. Transparency will help avoid backlash.
What to Watch Next
Microsoft is not just releasing a product; it’s staking out a position in the emerging agent economy. Over the next year, expect more “Autopilot” agents for specialized tasks in finance, HR, and legal—each with their own governed identities. Deeper integration between Windows and agent containment will likely make Microsoft Execution Containers a standard way to isolate agent processes. Competition will come from startups and other giants, but Microsoft’s advantage is the existing enterprise infrastructure: most Fortune 500 companies already live in Entra, Intune, Purview, and Microsoft 365. Debates about agent transparency will intensify as autonomous agents become more capable and less supervised. Scout is the first concrete step toward a work environment where humans are not the only participants—it’s a managed service account that can read your email and schedule your meetings. Whether that’s liberating or unnerving will depend on how well Microsoft and your IT team keep it on a leash.