Foundry Control Plane and Agent 365: Two Control Planes Walk Into an Enterprise
Summary
Microsoft has introduced two complementary control planes for managing AI agents: Foundry Control Plane and Agent 365. Foundry Control Plane, which reached major GA milestones in March 2026, is designed for developers and platform engineers to build, evaluate, trace, deploy, and operate agents. It offers fleet management, agent-level guardrails like prompt injection mitigation and task adherence, integrated observability with Azure Monitor, and continuous evaluation across the agent lifecycle. Agent 365, generally available on May 1, 2026, at \$15 per user per month, targets IT administrators and security teams for organizational-level governance. It treats agents as digital teammates with Entra Agent IDs, providing a unified agent registry, access control, threat protection, data compliance via Purview, and shadow agent detection. Enterprises deploying agents at scale are expected to utilize both platforms for comprehensive governance.
Key takeaway
For IT professionals and MLOps engineers deploying AI agents at scale, you must adopt a dual-control plane strategy. Utilize Microsoft Foundry Control Plane for agent development, continuous evaluation, and operational observability. Simultaneously, implement Agent 365 to establish organizational governance, manage agent identities, enforce compliance, and detect unauthorized "shadow" agents. This layered approach ensures both development quality and enterprise-wide security, preventing agent sprawl and mitigating compliance risks across your digital workforce.
Key insights
Microsoft offers distinct control planes for AI agent development (Foundry) and enterprise governance (Agent 365) to address varied needs.
Principles
- Agents require identity management like human users.
- Continuous evaluation prevents prompt drift.
- Layered guardrails enhance agent security.
In practice
- Assign Entra Agent ID to every agent.
- Run Foundry evaluators continuously.
- Apply least-privilege for agent permissions.
Topics
- AI Agent Governance
- Microsoft Foundry
- Agent 365
- MLOps
- Enterprise Security
- Identity Management
Best for: CTO, AI Architect, VP of Engineering/Data, AI Engineer, MLOps Engineer, IT Professional
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Microsoft Foundry Blog articles.