BlueVoyant today launched its Microsoft Agent 365 Security Deployment Service, a targeted professional services engagement designed to help enterprises tame the sprawling population of AI agents inside Microsoft 365. The roughly 90-day project, available as of July 1, 2026, zeroes in on one deceptively simple premise: every agent—whether a Copilot, a custom-built automation, or a third-party integration—must be governed as a distinct digital identity.
The Unseen Spread of AI Agents in the Enterprise
Organizations have rushed to embed AI agents into workflows, often without a coherent security strategy. Microsoft 365 tenants now host agents inside Teams, SharePoint, Outlook, and the Power Platform. Each agent carries its own set of permissions, data access patterns, and authentication tokens. BlueVoyant’s own telemetry, gathered from incident response engagements, shows that the average enterprise already has over 600 active agents performing actions on behalf of users—and most security teams have no complete inventory.
The explosion is accelerating. Microsoft’s Copilot stack lets users create agents with natural language, while Power Automate flows and Logic Apps quietly multiply in the background. Without guardrails, these agents become orphaned identities with unchecked access to sensitive data. BlueVoyant’s service enters at precisely this inflection point.
Why Identity Is the Only Coherent Control Plane
Traditional endpoint and network controls were never built for non-human actors that blend API calls, AI reasoning, and delegated user privileges. An agent might read emails, summarize documents, update CRM records, and trigger financial approvals—all within seconds. If compromised, it can move laterally through apps and services that a human attacker would need multiple exploits to reach.
BlueVoyant’s approach treats agents as full-fledged identities inside Microsoft Entra. That means applying conditional access policies, lifecycle management, and risk-based authentication to every agent. It also means mapping the agent’s effective permissions across the Microsoft 365 estate—including SharePoint sites, Teams channels, Power Platform environments, and Graph API endpoints. This identity-centric view is the only scalable way to answer the question: What can this agent actually do?
Inside the Agent 365 Security Deployment Service
The 90-day engagement is structured around three phases: discover, govern, and secure.
Discover. BlueVoyant deploys a combination of Microsoft-native tools and its own agent monitoring fabric to build a complete inventory of AI agents. The scan covers Entra ID app registrations, service principals, managed identities, and any custom connectors that represent non-human actors. Discovery also surfaces shadow agents that may have been created outside official IT channels—often the hardest to track.
Govern. Once the inventory is in place, the team classifies each agent by risk level, data sensitivity of the resources it touches, and business criticality. Agents that are redundant, over-provisioned, or abandoned are flagged for removal. For those that remain, BlueVoyant defines governance policies: which users can create agents, what approval workflows are required, and how agent lifecycles are managed.
Secure. Finally, the service implements continuous protection. That includes integrating agents into Microsoft Defender XDR for threat detection, applying Microsoft Purview data loss prevention (DLP) policies to agent interactions, and configuring Entra conditional access to enforce multi-factor authentication or device compliance for high-risk agents. BlueVoyant also sets up automated playbooks in Sentinel to quarantine agents that behave anomalously.
The entire engagement is backed by BlueVoyant’s 24x7 managed detection and response (MDR) team, which can take over monitoring after the initial project. Pricing is tailored to the size of the Microsoft 365 environment and the number of agents, but the company says the typical deployment falls between $75,000 and $150,000 for a mid-size enterprise with 5,000 to 15,000 users.
How Agent 365 Security Fits with the Microsoft Security Stack
BlueVoyant has built its reputation as a Microsoft-only security provider, and the Agent 365 service leans heavily on the existing Microsoft toolset. The discovery phase uses Microsoft Graph and Log Analytics, while governance policies are enforced through Entra ID Governance and Privileged Identity Management. On the detection side, Defender XDR receives agent-specific signals from custom workbooks and advanced hunting queries that correlate agent behavior with identity risk scores in Entra ID Protection.
This tight integration means enterprises don’t need to rip and replace existing controls. Instead, BlueVoyant extends the value of licenses many organizations already own. For example, a manufacturer using Microsoft 365 E5 can apply its existing Defender for Cloud Apps and Purview Information Protection to the agents discovered during the engagement. By mapping each agent’s access pattern, the service makes it possible to write DLP rules that block an agent from exfiltrating sensitive documents to unmanaged locations, something that traditional DLP policies often miss because they rely solely on user identity.
Practical Challenges Enterprises Face Today
In conversations with early adopters, several pain points emerge repeatedly. First, agent sprawl: developers and business users spin up agents for quick tasks and then forget them. One financial services firm discovered 47 agents with access to its general ledger data, many of which had been created months earlier for one-off reports. None were being monitored.
Second, permission ambiguity. A Power Automate flow might run under the identity of its creator, but if that creator leaves the company, the flow often continues to run with the departed employee’s privileges. BlueVoyant’s service tackles this by converting such flows to use managed identities or service principals with strictly scoped access.
Third, lack of visibility into actions agents take on behalf of users. Most organizations cannot easily distinguish between a human editing a file and an agent doing so. The Agent 365 service addresses this by feeding agent-specific telemetry into Sentinel, giving SOC teams a unified dashboard that separates human and agent activity.
The Urgency of Treating Agents as Identities
Regulatory pressure is mounting. The SEC’s cybersecurity disclosure rules, GDPR, and sector-specific regulations increasingly treat automated systems as extensions of the responsible entity. If an agent leaks customer data, the liability falls on the organization—even if the agent was created by a well-meaning employee without IT oversight. Classifying agents as identities creates a clear audit trail and accountability chain.
Beyond compliance, the threat landscape is shifting. Last year, Microsoft observed a nation-state actor compromising a low-privilege agent to pivot into a SharePoint farm. Because the agent was not treated as an identity, the breach went undetected for weeks. BlueVoyant points to such incidents as the catalyst for its service.
What This Means for Security and IT Leaders
Security leaders should start by assessing their current agent inventory. If you cannot answer “How many agents do we have?” and “What can they access?” within 24 hours, the risk is already material. BlueVoyant’s service can accelerate readiness, but the underlying principle is what matters: every agent is an identity, and identity hygiene must apply to non-human actors as rigorously as it does to employees.
For IT teams, the operational benefit is cleaner management. By treating agents as identities, organizations can apply the same onboarding, offboarding, and access review processes they already use for users. This reduces the burden on IT while improving security posture.
The release also signals a maturation of the Microsoft security partner ecosystem. As Microsoft continues to embed AI into every layer of the productivity stack, third-party services that bridge the gap between native tooling and enterprise-grade governance become essential. BlueVoyant’s bet is that the market will demand such services as a standard component of any Microsoft 365 deployment.
Looking Ahead
BlueVoyant has hinted at future enhancements, including an agent posture management dashboard that provides real-time compliance scores and integration with AI security frameworks like NIST AI 100-1. The company also plans to offer a lighter-touch assessment for smaller organizations that may not need a full 90-day engagement.
As AI agents become more autonomous, the identity perimeter will only grow in importance. The Agent 365 Security Deployment Service is a concrete step toward treating that perimeter as a first-class security concern.