‘We’ve always believed that security is a team sport, and our partners are absolutely critical for us to expand our solutions—with their services on top of it—to all our customers,’ says Vasu Jakkal, corporate vice president of Microsoft Security.
With artificial intelligence agents scaling fast among Microsoft customers, the vendor’s corporate vice president of Microsoft Security is urging partners to adopt its newer governance and observability tools to prevent AI-era security issues like “double agents” and shadow AI.
“We’ve always believed that security is a team sport, and our partners are absolutely critical for us to expand our solutions—with their services on top of it—to all our customers,” Vasu Jakkal told CRN in an interview. “And they are going to need that more than ever.”
On Monday, Microsoft unveiled a series of new offerings that should help its security partners in the battle to contain new attack surfaces that can emerge in the AI era. The Redmond, Wash.-based tech giant on May 1 plans to offer a new E7 package of software and tools aimed at extending the management capabilities organizations use for people, devices and applications to AI agents.
Also on May 1, Microsoft will open up general availability (GA) to its Agent 365 control plane, which enables the observability and governance needed to decrease risk from AI agents.
Microsoft E7, Agent 365
E7 comes as Microsoft prepares to increase prices across a variety of application suites on July 1. Mike Wilson, CTO and partner at Mason, Ohio-based Microsoft partner Interlink Cloud Advisors—a member of CRN’s MSP 500—told CRN in an interview that the price increase is justified by the amount of value Microsoft has been adding to different packages.
“We’ve got to think about that [the price] in the context of what we pay human beings, like what we pay to enable them for technology is small compared to what we actually pay humans,” Wilson said. “The value’s there.”
Talking to CRN before the reveal of E7, he said Microsoft needs to provide the tools needed for succeeding with AI at scale. The agent builder products such as Copilot Studio are important, but Agent 365 providing the governance layer for partners is also critical.
“Agents are going to be transformative,” Wilson said. “Having that governance layer is a huge advantage for Microsoft. I think they’ve done a better job of putting [in] that security and governance layer than any other vendor in the space.”
Although securing AI agents and preventing “double agents” that drift away from their original task and risk data exfiltration or system disruption, or unapproved and orphaned “shadow agents,” present more work for security partners, agentic AI also offers an opportunity, Jakkal said.
AI security tools such as the phishing triage agent speeds up threat detection to make the work more manageable, she said. And with cybersecurity experiencing an endless talent crunch, agents are a way to make growing security demand possible.
“We often think of security as this impediment for innovation,” she said. “Actually, it is a catalyst for innovation growth. Especially with AI.”
Here’s more of what Jakkal had to say about the new E7 license plan and greater access to Agent 365 and how both aim to help Microsoft security partners better protect customers in the AI era.
What is the Microsoft partner opportunity with AI agents?
We are seeing that 80 percent of the Fortune 500 are using agents, which is great. So agents are really scaling fast.
At the same time, there’s also a visibility gap that can happen if the right security controls—so observability, security and governance—are not thought of and not at the center of it.
When we think about all of this AI transformation, which we call ‘frontier’ transformation, [which is] where humans work together with AI and agents so that they can elevate human ambition, there are two pillars which anchor that. There’s intelligence, and there’s trust.
Intelligence cannot scale without that trust. [And] it’s not just IT professionals [using AI]. It’s not just classic developer teams using it. It’s business functions using AI and creating agents. That’s awesome. But we also see that without the right tooling that’s a real risk.
Twenty-nine percent of organizations and leaders, per our Data Security Index report, are using unsanctioned AI [agents]. And about [50 percent] do not have the right security controls. That’s a challenge.
Trust starts with security. And with trust, you can unlock all this innovation that AI can bring and this intelligence that you have.
What should Microsoft security partners know about the upcoming Microsoft 365 E7 suite?
The controls and the governance and the observability that we have for people, we need to extend that to agents with the same tooling so that you are reducing that fragmentation.
This is really about managing AI and agents the same way that we manage people, devices, applications—with the right visibility, the right guardrails, the right governance, the right accountability.
[E7] has Copilot. It has the agents which come with Copilot. And then it has Agent 365. And Agent 365 really brings that observability, security, governance for not just security leaders, but also for all of the IT leaders and the business leaders.
[Security] is not just a security team imperative. It’s a business-decision-maker imperative. It’s a board-level conversation. It needs to be at the board level, just like [how] you manage your human resources.
With Agent 365 becoming generally available with the release of E7, what should partners know about it?
[Agent 365 has] a registry, which gives you this end-to-end visibility. It is done through the Microsoft admin center, so an IT professional or a business leader can go in there. You can see all your agents. You can see which agents have an ID, which don’t.
We need to solve this shadow agent problem as well. It tells you what risk these agents may have. And it tells you who’s using these agents, which agents are working with each other.
We are very excited about Entra Agent ID, which now gives every agent an ID. And we have also extended conditional access with the principles of zero trust.
It also gives you data security control. So we took Purview, which is our data security compliance and governance solution, and now it extends those controls to agents. So you can see … not just the content that the agents have generated, but the content that they access, have the right labeling, have the right sensitivity, have the right policies.
And then Defender, which does threat protection, it has that tooling in the way you protect an organization against attacks, both AI and non-AI attacks. Now these agents also have the same controls.
Collectively, they’re also helping ensure that agents don’t become what we call ‘double agents,’ which is an insider risk. Because, if unchecked, you can have a threat actor manipulate an agent through an indirect prompt injection and get it to do things that it’s not supposed to do.
With Agent 365, we wanted to give our customers and our partners a solution that is an easy button so that it can help them secure the entire organization end to end—across agents, across people, across the entire foundations. We are very excited about what it brings together.
How important are partners in this AI era of business cybersecurity?
We’ve always believed that security is a team sport, and our partners are absolutely critical for us to expand our solutions—with their services on top of it—to all our customers. And they are going to need that more than ever.
We have 20,000 partners across the board for security. We work with our partners on everything from co-creating solutions … to making sure that we are helping our customers deploy these solutions easily.
[Many times] customers don’t have the people needed to even deploy solutions. And it’s getting complex. Our partners help with that. And then many times, our partners are managing those solutions for our customers.
With ME7 and with Agent 365, now they have a broader portfolio that they can support customers with.
In Agent 365, just since the announcement at [Microsoft conference] Ignite, which was in November, we have over 500,000 agents in inventory. So just look at that scale.
These agents, they’re generating tens of thousands of responses for employees every single day. And our partners who support customers also are dealing with that.
Microsoft is customer-centric. And we have been very much partner-centric. And we want to make sure that all this amazing technology that we develop, we’re providing it to our partners so that they can then help our customers and help us scale.
How much is AI changing the threat landscape?
We all already were facing an escalated threat landscape. There were 7,000 password attacks per second, an average of 72 minutes or less from when someone clicks a phishing link for an attacker to get data.
AI is being used to create malware. We know that attackers are using AI. We know they are going to look to manipulate AI. And so we have to make sure that we stay ahead of that. And no company can do this alone.
So this is why partners have always been so critical. And it’s a cooperation process between our partners, between our customers, between us to understand the changing dynamics in security—which is always a combination of geopolitics and it’s a combination of ransomware, which is this thriving industry.
I am really excited about what partners are going to do with this technology.
Why weren’t these governance and control tools available earlier in this AI agent adoption cycle?
When we launched GenAI, we quickly expanded that to start securing AI. If you take Defender in ME5, it helps protect you against AI attacks.
Entra always has been that identity and access solution for us, having the right authentication, the right conditional access. And Purview, from the very beginning, was protecting AI interactions like M365 Copilot.
Over the last year, we’ve seen the scale of agents. And we realize we need to … really think of agents as a workforce and as people, not just as a technology. So we started building that. And that’s the journey that we’ve been on.
It started out with securing AI, then as the world moved to agents, securing agents.
Any updates on Security Copilot?
Security Copilot and the agents that come with it are now integrated in ME5. And of course, that will be available with ME7.
That enables you to have AI in the flow of work, so you have agents in the flow of work.
With Defender, you get the phishing triage agent. That’s great, because you, as these phishing alerts come, your phishing triage alert agent is working right there with you.
We also have a threat intelligence agent, which is fantastic. It gives you customized briefings. That’s available with Defender in our ME5 license.
Similarly, for Entra, you have a conditional access agent. For Purview, you have a data security agent. For Intune, you have a device on-boarding agent. So you have all these agents, which are available.
We have a consumptive model, but we wanted people who have our user license, especially ME5, to just have these agents. I’m excited because that gets carried over. People with ME7 now get these agents.
Our goal is to be very thoughtful and mindful of what agents customers need so that we can put in those agents with value. And we continue to innovate there.
Additionally, we also have agent builder capabilities. Now we have 30-plus agents with partners, as well. So partners now have begun to develop their own agents and make sure that those agents are available with our products.
We should continue to see those innovations because, ultimately, to secure AI we are big believers that you need to have AI for security.
Frontier transformations absolutely need agents with humans to enable that and elevate that human ambition.
Intelligence cannot be unlocked without the foundations of trust, and that’s why security is so critical. And for any customer, leading with security versus bolting it on is the way to unleash that innovation.
We often think of security as this impediment for innovation. Actually, it is a catalyst for innovation growth. Especially with AI.
Are AI agents meaningfully helping yet with the talent gap in security?
The security gap [is] 4.7 million professional roles unfilled.
It takes six months sometimes to hire a tier-three analyst or an identity architect. [And sometimes] we train all these people, and now they have moved on to something else.
That’s why they [CISOs] also want to look at how do they use the agents? That’s why Security Copilot is such a game-changer for them.
They were protecting the organization. Now they have to secure AI. They’re securing people. They’re securing agents. That’s almost double the work that they had to do. And they don’t have enough people many times, most often, to do that work.
Our phishing triage agent helps teams detect threats 6.5 times faster.
Last year we had 30 billion phishing related alerts—30 billion. How do you keep up with that? And now we’re going to have more as AI-powered attacks come.
The CISOs at the security teams are exhausted. They’re burnt out because they’re caught in this tension point. Innovate faster. Innovate faster with AI. Protect faster.
They have to innovate faster. And that’s why I’m excited about ME7 because it does bring Security Copilot agents right into your flow of work.
Now your partners can also build agents for tackling these workflows.
