Microsoft's Agent 365 announcement on November 18 positioned Microsoft as the infrastructure layer that all agents must flow through to operate in enterprise environments. Not asking enterprises to choose their agents over competitors'. Positioning themselves as the mandatory gateway.
Third-party agents from Adobe, ServiceNow, Workday, and others automatically appear in Microsoft's centralized registry. Every vendor now faces the same choice: integrate with Microsoft's governance framework or risk being blocked as shadow IT.
When governance infrastructure becomes mandatory for operation, the platform controlling that infrastructure gains compounding leverage over the entire ecosystem.
Why Governance Creates Dependencies
Research shows 82% of companies already use AI agents, with 53% acknowledging those agents access sensitive information daily. When you're running agents at scale, visibility and access control aren't optional features. They're survival requirements.
Microsoft's solution extends the same identity and access management infrastructure enterprises already use for human employees to cover agents. Every agent gets an identity in:
- Entra ID for identity management
- Entra for policy enforcement
- Defender for monitoring
- Purview for compliance
For organizations already running Microsoft's stack, the integration is seamless.
But here's what makes this a control point play: when every agent needs an Entra ID identity, you can't rapidly spin up experimental agents without going through identity provisioning workflows. This is an operational constraint, not a technical limitation. It shapes how agent development happens. Teams that iterate quickly on agent prototypes now face the same approval gates they face for provisioning human users. The governance that makes production deployments safe also creates friction in development cycles.
This matters because Microsoft's proximity to end-user workflows makes their governance layer feel inevitable. With Office apps and Teams as the primary interface where knowledge workers interact with agents, Microsoft can force other tech firms to either integrate or risk having their agents blocked. The convenience is real, but integrated stacks create compounding switching costs.
What the Competition Reveals
The other platforms see what's happening. AWS launched Bedrock AgentCore emphasizing orchestration and deployment readiness. Salesforce built AgentExchange as a marketplace with standardized metadata frameworks. Google announced an AI Agent Marketplace focused on partner ecosystems.
The architectural split is revealing:
AWS is betting on API-based orchestration—agents coordinate through well-defined interfaces without requiring centralized identity management. Microsoft is betting on identity-based control—every agent gets provisioned like a user, inheriting the same access controls and audit trails.
AWS's approach optimizes for flexibility and multi-vendor deployments. Microsoft's approach optimizes for governance within their existing infrastructure. Two different bets on what enterprises will prioritize: orchestration independence versus integrated convenience.
What Changes Now
If Microsoft's bet succeeds, we'll see enterprises optimizing agent development for compliance and observability rather than raw capability. The fastest agent to build won't be the one with the most sophisticated reasoning. It'll be the one that integrates cleanly with Entra ID, generates audit logs Defender can parse, and respects Purview policies without custom configuration.
For third-party agent vendors, building the smartest standalone agent matters less than building agents that play nicely with Microsoft's governance infrastructure. Agents that can be provisioned through standard workflows, monitored through standard tools, and deprovisioned when employees leave.
As agents become more embedded in operational workflows—Gartner predicts that by 2028, 58% of business functions will have AI agents managing at least one process daily—the infrastructure layer that manages them becomes strategic. The question now is who builds the best individual agent versus who controls the orchestration layer.
The control points are forming. Enterprises evaluating agent infrastructure aren't just choosing which agents to deploy. They're choosing who controls the infrastructure layer that governs them, a decision with implications that compound as agents become more deeply embedded in how work gets done.
Things to follow up on...
- Agent ownership lifecycle: Industry trends show an AI agent's ownership typically changes hands four times during its first year, creating accountability gaps when developers leave and orphaned agents remain in production systems.
- AWS's orchestration architecture: Amazon Bedrock uses a supervisor-based approach where specialized sub-agents work in parallel or sequentially, coordinated by a supervisor that breaks down requests and consolidates outputs—a fundamentally different model than identity-based control.
- Salesforce's metadata-driven approach: AgentExchange launched with more than 200 partners offering standardized actions, topics, and templates that pass rigorous security reviews, building on AppExchange's 13 million app installs to create agent marketplace momentum.
- EU AI Act implications: The regulation classifies many enterprise AI applications as "high-risk" and mandates lifecycle risk management, data governance, and human oversight for critical systems, creating compliance requirements that governance platforms must address.

