Discover and inventory existing agents in Agent 365 Registry
Implementation Effort: Low – Agent Registry is available in the Microsoft 365 admin center; Microsoft-built and Copilot Studio agents are automatically registered and require no manual onboarding.
User Impact: Low – Admin-only activity; end users are not affected.
Overview
Organizations using Microsoft 365 Copilot, Copilot Studio, and third-party agent platforms accumulate agents rapidly — Microsoft-built agents, partner-developed agents, user-shared agents, and organization-published agents. Each of these agents has its own permissions, data sources, and operational scope. Without a centralized inventory, the security team cannot determine which agents are active, who created them, what data they access, or whether they have been reviewed and approved. This is the AI equivalent of shadow IT, and it creates the same governance blind spot.
The Agent 365 Registry in the Microsoft 365 admin center provides that centralized inventory. It lists all agents integrated with Microsoft 365 Copilot, surfaces agent metadata — including capabilities, data sources, custom actions, and permissions — and exposes governance actions: publish, activate, deploy, pin, block, remove, delete, and reassign ownership. Critically, it also identifies ownerless agents (created by users who have since left the organization) and surfaces a Risks column that aggregates high-severity Microsoft Entra alerts per agent. For agents that use embedded file content as knowledge sources, the registry tracks file sensitivity labels and SharePoint Embedded container details.
This supports Verify explicitly by making every agent's identity, permissions, and data access visible so the organization can validate each one against security and compliance requirements before granting broad access. It supports Assume breach by surfacing high-severity risk alerts directly in the inventory, enabling the security team to identify and block compromised or overprivileged agents before they cause damage. Without this discovery step, agents operate without oversight, ownerless agents persist indefinitely, and the organization has no mechanism to enforce governance over its agent population.