Agent governance | Microsoft Copilot Blog http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/cs-topic/agent-governance/ Fri, 10 Jul 2026 16:25:32 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 Building reliable voice agents: A practical guide http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/building-reliable-voice-agents-a-practical-guide/ Thu, 25 Jun 2026 16:00:00 +0000 http://approjects.co.za/?big=en-us/microsoft-copilot/blog/?post_type=copilot&p=8035 Learn how to design AI voice agents that handle real conversations, stay reliable under pressure, and scale from prototype to production.

The post Building reliable voice agents: A practical guide appeared first on Microsoft Copilot Blog.

]]>
There’s no question that customer-facing AI can carry a conversation. The question is: Can you trust it to complete one?

When customers talk to your agent, they expect voice experiences to be fast, natural, and get them the answers they need. Where’s my order? Can I change the delivery address? Why do I see two charges? When looking for support, they don’t care what stack you used. They care that the agent keeps up, stays on track, and knows when to hand off.

This is a practical playbook for designing customer-facing voice agents that are not just capable, but reliable. The principles apply on any platform; voice reliability is a discipline, not a feature. It’s the decision points, patterns, and checklists that move you from a voice agent prototype to something you’d confidently put in front of customers.

In this guide, we’ll explore:

In customer service, capability may capture attention, but reliability is what earns trust at scale. As customer-facing AI takes on more consequential interactions, reliability may well determine whether automation creates value in your organization—or creates risk.

Why voice agents demand a higher standard of reliability

Traditional customer service systems have been judged primarily on whether they route customers correctly. Modern voice agents are increasingly expected to understand intent, access business systems, complete transactions, and recover when conversations go off script. Each new capability expands what customers can accomplish—but also raises the consequences of getting something wrong.

Reliability is harder when agents take action.

Voice agent conversations also feel more “live” than chatbot conversations. Customers interrupt, change their minds mid-sentence, and need the agent to remember what they said two turns ago. And because they’re usually calling for help, voice is judged by outcomes: did the issue get resolved, correctly and efficiently?

So customer-facing voice reliability is less about a single accurate answer and more about end-to-end behavior. The voice agent needs to move a conversation from intent to action to confirmation, with guardrails and graceful escalation when automation is no longer the right path.

Good news: you don’t have to clear that bar the same way every time. First, decide what kind of agent the job calls for.

Voice AI options explained: IVR vs. generative vs. real-time

Not every call needs a cutting-edge agent. Over-engineering is its own kind of unreliability. Most platforms let you build across three broad tiers. Our advice is to match the tier to the scenario, not the hype. In general, you can classify voice agents in three tiers:

TierWhat it isBest forTrade-off
Tier 1: Classic interactive voice recognition (IVR)Deterministic menus and prompts using speech-to-text, text-to-speech, and touch-tone (aka dual-tone multi-frequency or DTMF) inputHigh-volume, structured tasks: balance checks, store hours, simple status lookupsPredictable and low-cost, but rigid—callers follow the path you define
Tier 2: Generative AI voiceA model that understands natural speech and generates responses that are grounded in your business dataConsidered the mainstream sweet spot: order tracking, billing questions, appointment changes in the customer’s own wordsFlexible and natural, but needs grounding and guardrails to stay reliable
Tier 3: Premium generative AI with real-time speech-to-speechNative speech-to-speech capability with very low latency, fluid barge-in, and the most natural turn-takingAdvanced or “luxury” experiences where natural, interruption-friendly conversation is the differentiatorHighest capability and most natural feel; reserve it for where that experience moves the needle

Think of real-time voice as the premium tier. It shines when the conversation itself is part of the brand. But many customer-facing scenarios are well served by Tier 1 or Tier 2. Whichever tier you choose, the bar comes down to one word: reliability.

Reliability: The foundation of customer-facing AI

Natural feel, warm tone, flexibility—these voice agent perks only matter if the agent reliably does the job. An agent that drops context or invents a delivery date isn’t delightful; it’s a liability.

Here’s the definition we’ll use: a reliable voice agent consistently completes the customer’s task, handles interruptions and clarifications without losing context, and escalates smoothly—with full context—when human judgment is required.

How do you know if an agent is reliable? We’ll tell you: the same seven behaviors show up in every reliable agent. If yours does all seven, you’re on the right track.

The 7 things every reliable voice agent does

  1. Keeps a clear task thread across changes in phrasing or order.
  2. Grounds answers in the systems that run the business—not guesses.
  3. Confirms key details (the “receipt”) before any consequential action.
  4. Uses voice-specific affordances (DTMF, barge-in, silence detection) to keep calls moving.
  5. Explains what it’s doing while back end actions run.
  6. Recognizes its boundaries and routes to a human.
  7. Leaves the next human with context, not a blank slate.

What reliability looks like in live voice conversations

Here’s an example of each from a real call with an agent from a hypothetical clothing retailer.

1. Keeps a clear task thread.
“Where’s my order—wait, why was I charged twice?” The agent parks the order question, fixes the billing one, then circles back: “That duplicate charge is reversed—now, order #18372 is out for delivery today.”

2. Grounds answers in real systems.
Instead of guessing “three to five days,” the agent reads the live record: “Out for delivery, arriving by 6 PM today.”

3. Confirms the receipt before acting.
Before refunding: “To confirm—cancel the blue jacket on #18372 and refund $89 to your Visa ending 4412—shall I go ahead?” The customer catches a wrong card or item before money moves.

4. Uses voice-specific affordances.
On a noisy line: “I’m having trouble hearing you—type your six-digit order number on your keypad.” Barge-in lets impatient callers cut in; silence detection re-prompts instead of leaving dead air.

5. Explains what it’s doing.
Silence reads as a dropped call, so it narrates: “Give me a moment while I pull up your account—about ten seconds.”

6. Recognizes its boundaries.
“My package never arrived and I want a refund” trips a defined boundary, so it escalates rather than improvising a policy it doesn’t own.

7. Hands off with context.
On transfer it passes a summary: “Identity verified, #18372 marked lost, customer wants a refund”—so the rep picks up mid-stride.

That’s the what of reliable voice agents. Next, the who—because the job of making an agent accurate and trustworthy is almost never owned by just one person.

Who is responsible for voice AI reliability?

Reliability isn’t created by a single feature or team. It emerges from a series of decisions across customer experience, operations, integrations, and governance. Different teams own different parts of that equation, but each contributes to the same outcome: a customer experience that consistently delivers results. Start by identifying which part of reliability you own.

If you ownYour primary goalTypical voice scenariosWhere reliability lives for you
Customer service and support opsDeflect common requestsOrder status, billing questions, appointment schedulingEscalation pathways and consistent outcomes
Contact-center workflowsImprove handle timeIntent triage, case creation, transfer to humanHandoff continuity and edge-case handling
Digital channelsExtend existing chat flowsReschedule, update address, subscription changesContext retention across turns
Systems and platform integrationIntegrate systems safelyAccount lookup, eligibility checks, authenticated actionsData grounding and governance
Custom development and orchestrationCustom user experience (UX) and orchestrationIn-app support, complex multi-step tasksLatency management and tool reliability

You don’t need every piece covered to start—just name the hat you’re wearing today. And now that you have an initial who, let’s move on to how. How do you actually create reliable voice agents?

How to design voice agents around real use cases

Start a voice project by listing features and you’ll get an agent that demos well but struggles in real use. Better: start with a few high-volume scenarios and design around the natural shape of each conversation.

The map below is a starting point. Each scenario needs a primary task, the data to complete it, and an escalation trigger, because nothing is 100% automatable.

Customer scenarioPrimary taskData the agent needsEscalation trigger (example)
Appointment schedulingBook or modify an appointmentAvailability and customer recordNo matching slot/conflict
Order trackingRetrieve delivery statusOrder system and shipping updatesLost package/exception
Billing and paymentsExplain a charge or payment statusInvoice and payment historyDispute, refund request
Service start or stopChange a start date or service optionEligibility and service rulesEligibility failure/safety exception
Account updatesUpdate contact info or preferencesCustomer profileIdentity verification needed

Take order tracking: the task is narrow (“retrieve delivery status”), the data is your order and shipping systems, the trigger is a lost package. Build that end to end before adding billing or returns. One rock-solid scenario beats five shaky ones.

Then build reliability in from the start. Just as every stage of a house build—from the foundation to the framing to the roof—contributes to its strength and stability, every stage of your agent build should contribute to its accuracy and consistency.

A five-pass framework for building reliability into a voice agent

Here’s how to layer reliability in pass by pass, not as a bolt-on at the end.

Pass 1: Define the task and the boundaries

Pick one scenario and write a plain, natural-language success statement: “The customer can check their order status and get an ETA.” Then a boundary statement: “If the order is lost or the customer wants a refund, we hand off to a live rep.”

Those two sentences stop scope creep and give a clean, testable escalation rule. Keep boundaries tight—three or four triggers, not a policy manual.

Pass 2: Design the conversation as a sequence of receipts

Customers can’t see what the agent “stored” unless the agents says it back. Reliable agents use receipts in the form of short confirmations at key points: “Got it—order 18372, shipping to Detroit, latest delivery estimate.” These help head off misunderstandings and interruptions. Issue one whenever the agent captures a key value, and again before any irreversible action.

Pass 3: Use voice-specific controls to keep calls moving

Speech and DTMF input, silence detection and timeouts, latency messages, barge-in, Speech Synthesis Markup Language (SSML), and call transfer aren’t “legacy” capabilities. They’re reliability measures. They help customers recover from recognition errors, give the agent a safe fallback, and prevent dead air.

Pass 4: Ground answers in the systems that matter

Reliability collapses the moment an agent hallucinates an operational fact (delivery window, balance, open slot, etc.). Ask an ungrounded agent when an order will arrive and it might confidently answer, “Thursday.” If that’s wrong, a simple status check becomes a trust problem.

Operational facts should come from systems of record, not model reasoning. And because voice interactions introduce their own opportunities for error, key inputs should be captured carefully: ask once, repeat back, and confirm before taking action.

Pass 5: Prove it works with evaluation-by-scenario

Reliability is demonstrated, not asserted. Build a small per-scenario test set—a dozen realistic calls, including the messy ones (interruptions, wrong inputs, the lost-package path)—and run it whenever you change prompts or integrations. The goal isn’t day-one perfection; it’s catching regressions before customers do.

Together, those passes make up a reusable checklist:

Business-to-consumer (B2C) voice scenario design checklist

  • Scenario is clearly named and outcome-based (not feature-based).
  • Primary task is explicit, plus at least one escalation trigger.
  • Key inputs are captured in a voice-friendly way (ask once, repeat back, confirm).
  • At least one fallback path exists (DTMF option, re-prompt, or transfer).
  • Agent provides “receipts” at key moments so customers can correct course.
  • Long-running actions have a “still working” message to avoid dead air.
  • Handoff includes a short context package for the human.

From prototype to production: What changes?

A prototype can feel great in a demo. Production is different. In a demo, an agent only needs to successfully complete a scenario once. But things change at go-live.

Thousands of customer conversations and edge cases test the agent’s abilities. Customers phrase things differently than your test prompts. They interrupt. They change topics. They provide incomplete information. Your script says “check the status of order #1258;” a real caller says “uh, where’s my stuff?”

The table below provides a simple maturity model for thinking about that progression:

StageWhat you focus onWhat “reliable” means here
PrototypeOne scenario, happy pathConversation is coherent end-to-end
PilotMultiple phrasings and interruptionsAgent recovers from clarifications
ProductionReal data and action-takingGrounded answers and safe actions
ScaleMore scenarios and channelsConsistent behavior and handoff
OptimizeContinuous monitoringQuality improves without regressions

Another important production consideration is where. Through what channel will customers actually engage with the agent? Whether the primary channel is a website, mobile app, or contact-center entry point, choosing that channel early helps you design for that surface’s realities: authentication, user interface (UI) constraints, formatting, and escalation. Picking the primary channel up front can prevent costly rework later.

The why: Earning the right to scale

We’ve covered the what, who, how, and where of reliable voice agents. The final question is why. Why is it so important for organizations to invest in getting this right?

Organizations don’t want AI to be a fun experiment anymore. Like any business asset, voice agents need to deliver value. And reliability is what separates an interesting pilot from a program an organization can confidently scale.

Many organizations can get a voice agent working for a handful of carefully chosen scenarios. The real challenges emerge when they expand: more customers, more channels, and more consequential interactions. That’s when gaps in grounding, escalation, evaluation, and ownership pop up.

A voice agent that loses context, misunderstands requests, or provides incorrect information doesn’t just fail a conversation—it erodes confidence in the broader customer experience. And without customer trust, the opportunity to scale quickly disappears.

The organizations realizing the most value from AI aren’t distinguished by the number of agents they’ve deployed. They’re distinguished by the rigor behind them. Reliability creates the foundation for trust, turning isolated successes into repeatable, governable, and continuously improving customer experiences.

That’s ultimately what this guide has been about: not just how to build a voice agent, but how to build the operational foundation for customer-facing AI.

Building production-ready voice agents with Copilot Studio

The principles in this guide are platform-agnostic by design, and outcomes of course depend on implementation, data, and configuration—but they need a place to come together. Copilot Studio brings together the capabilities designed to help you build reliable customer-facing voice experiences in one platform—from classic IVR through to real-time voice—allowing you to start simple and grow.

The same patterns you’ve seen throughout this guide can be implemented directly in Copilot Studio. Teams can connect agents to systems of record for grounded answers, use voice-specific controls such as DTMF and barge-in to improve call flow, define escalation paths for complex situations, and evaluate agent behavior before deploying changes broadly.

Perhaps most importantly, organizations can start small. A single high-volume scenario—order tracking, appointment scheduling, account updates—can become the foundation for a broader voice strategy. As needs evolve, teams can expand to additional scenarios, channels, and capabilities without rebuilding from scratch.

Ready to get started? Pick one scenario, connect the minimum data required to complete it successfully, and test it end to end in. The most effective voice agents aren’t built all at once—they’re built one reliable customer experience at a time.

Build with confidence

Create reliable voice agents that stay grounded, handle real scenarios, and scale from prototype to production.

Two people review content on a laptop while standing in a shared indoor workspace.

The post Building reliable voice agents: A practical guide appeared first on Microsoft Copilot Blog.

]]>
Who evaluates the evaluators? The data science behind agent evals http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/who-evaluates-the-evaluators-the-data-science-behind-agent-evals/ Thu, 11 Jun 2026 16:00:00 +0000 http://approjects.co.za/?big=en-us/microsoft-copilot/blog/?post_type=copilot&p=7917 An inside look at the data science and evaluation systems helping teams improve agent quality at scale in Copilot Studio.

The post Who evaluates the evaluators? The data science behind agent evals appeared first on Microsoft Copilot Blog.

]]>
At Microsoft Copilot Studio, we talk a lot about ways to make agents better. You can add knowledge sources, fine-tune models, insert prompts, and more. But how do you know whether an agent is actually getting better? How do you detect regressions before your users do? And perhaps most importantly, how do you trust the signals you’re using to make those decisions?

As data scientists, we don’t ship a model without evaluating it. We evaluate it before the first release, and we evaluate it after every meaningful change.

We validate offline, track metrics over time, compare variants, look for regressions, and ask a simple question: Did this change actually make the model better?

When we started building evaluation features in Copilot Studio, we treated them the same way. We asked: Is the evaluation giving the right answer to “is it better”? This is the quality question.

To answer it, we’ll explore three core areas of AI evaluation quality:

  1. The data behind evaluation, and why generated datasets play such an important role in agent testing.
  2. The evaluators (graders) themselves, and how we validate that graders produce reliable signals.
  3. The metrics we use to determine whether those signals are trustworthy enough to support real-world decisions.

Because as organizations increasingly rely on evaluation to improve AI systems, confidence in the evaluation process becomes just as important as confidence in the agent.

From model evaluation to agent evaluation

Traditional machine learning evaluation is relatively well‑defined. You have:

  • Labeled data
  • A clear task
  • A small set of metrics
  • A mostly static input–output mapping

AI agents challenge many of these assumptions.

Agents operate over multi‑turn conversations, adapt to user behavior, use tools, and use implicit reasoning. Accordingly, they are judged across multiple quality dimensions, correctness, completeness, clarity, coherence, tone, and more.

So Copilot Studio ships evaluation features to help makers answer questions like:

  • Did my agent regress after this change?
  • Does quality degrade in longer conversations?
  • Can I trust my agent to behave as expected?

But that immediately raises a second‑order question: How do we know the evaluation features themselves are giving the right answer?

Building the right evaluation data for agents

In data science, we know that evaluation quality is bounded by evaluation data.

If the data you evaluate on is narrow, unrealistic, or biased, the metrics will look confident but be wrong. That principle applies just as much when we evaluate evaluation features as when makers evaluate their agents.

Real data: Grounded, but limited

For makers, Copilot Studio supports importing real production data to evaluate agent performance. Internally, however, we do not use customer data in any form when validating evaluation features.

Instead, we rely on curated examples and generated datasets that allow controlled and systematic testing—what we call semi‑real examples. These include scenarios inspired by conversations shared by design partners, as well as examples curated during feedback cycles.

For us, and for many of our makers, these alone are not sufficient.

Generated data: Scalable, targeted, and intentional

Real and semi‑real examples provide valuable grounding, but in practice, most evaluation workflows (both internally and for makers) rely primarily on generated data. And that isn’t a compromise; it’s an intentional design choice.

Generated data allows evaluation to start earlier, scale faster, and cover a broader range of agent behaviors.

From our perspective as a data science team, generated datasets are essential for supporting the wide variety of agents built in Copilot Studio. They allow us to validate evaluation features across different agent types, domains, and interaction patterns, and to do so at a scale that would not be feasible with curated examples alone.

For makers, the motivations are equally practical:

  • Evaluating before publishing: Generated datasets make it possible to assess agent behavior and quality before the agent is exposed to real users.
  • Limited or restricted access to production data: In many cases, makers do not have access to their agent’s production conversations at all, due to compliance, governance, or organizational policies.
  • Working with production data selectively: Even when production data exists, it often needs filtering or augmentation to support systematic evaluation.

Perhaps the strongest motivation is how easy it is to generate high‑quality evaluation datasets. Copilot Studio enables makers to create test sets that are targeted, repeatable, and aligned with their agent’s intended behavior—without requiring manual data collection.

Evaluating data generation for agent evaluations

Evaluation datasets can be generated in multiple ways. We support multiple data generation strategies because they surface different aspects of agent behavior. When applied together, they give makers practical, high‑coverage evaluation datasets.

Data generation strategies

There are four main types of dataset generation:

  1. Single‑turn generation allows makers to test specific behaviors in isolation. These datasets are easier to reason about and are well‑suited for validating correctness, relevance, and instruction adherence.
  2. Multi‑turn generation adds the complexity of context tracking and conversational dependencies. This is particularly useful for makers building predefined flows or agents whose behavior depends on conversation state.
  3. Knowledge‑based generation tends to produce very concrete, sometimes highly specific questions. These queries are effective for testing grounding and answerability against the agent’s connected knowledge sources.
  4. Topic‑based and instruction‑based generation often lead to more general or exploratory questions. These datasets are useful for identifying unsupported or weakly supported areas—reasonable questions users may ask that fall outside the agent’s main flows.

By combining these generation types, makers can build large and diverse evaluation sets that cover both expected and unexpected usage patterns.

How we evaluate generated queries

Because data generation itself is an evaluation feature, we explicitly assess the quality of generated queries. We use an LLM‑as‑a‑judge methodology to assess dataset quality along several dimensions, including:

  • Relevance. How well queries align with the agent’s intended scope.
  • Interaction naturalness. Whether queries resemble plausible user goals, confusion, and follow‑ups.
  • Human likeness. The extent to which generated queries resemble questions a human would naturally ask.
  • Redundancy. Whether examples add new coverage rather than repeating similar patterns.
  • Intent diversity. The range of user intents represented in queries (for example, informational, troubleshooting, or exploratory).

In addition, we apply generation‑specific measures where appropriate, such as topic coverage for topic‑based generation or grounding for knowledge‑based generation. These assess, for example, whether questions are answerable using the provided sources.

These metrics allow us to reason systematically about whether a generation capability produces datasets that are broad, targeted, and useful for evaluation—without relying on subjective impressions.

Evaluating graders: Assessing the quality of our evaluators

Graders are the evaluators we build to help makers assess their agents. They produce the scores and labels that makers use to understand what works well and what needs to be improved. For that reason, we assess graders explicitly and independently before they are exposed to makers.

What we expect from a high‑quality grader

We treat graders as a system that estimates quality rather than produces one absolute answer. We assess these graders using the same principles we would apply to any automated evaluation system.

Concretely, we ask whether a grader:

  • Measures the intended dimension and only that dimension.
  • Distinguishes between meaningful differences in responses.
  • Behaves consistently across similar inputs.
  • Produces interpretable and stable signals that can support downstream decisions.

A grader that produces reasonable explanations, but inconsistent judgments doesn’t meet the bar.

Purpose‑built datasets for grader assessment

To assess a grader’s quality, we build purpose-built datasets, each tailored to the specific behavior or quality dimension the grader is designed to measure.

Each grader requires targeted datasets designed to measure the specific behavior being evaluated. As a result, the datasets we use for grader evaluation are intentionally designed for that purpose.

In practice, the composition of grader‑specific datasets depends on the grader. For some graders, we rely primarily on human-labeled data. For others, generated data plays a central role, allowing us to construct targeted test cases with known ground truth. Most often, we use a combination of the two, balancing human judgment with scale and control.

A controlled generation methodology

For many graders, we use controlled synthetic datasets with known ground truth.

The process works as follows:

  1. Define a test agent. We start with a well-scoped agent configuration that represents the behavior domain the grader is intended to evaluate.
  2. Generate high-quality queries. Using our data generation capabilities, we create a set of realistic, high-quality user queries aligned with the agent’s scope.
  3. Generate high-quality responses. For each query, we generate responses that meet the expected quality bar for the dimension under evaluation.
  4. Introduce controlled degradations. We then intentionally degrade a subset of these responses in a controlled and traceable way. Each degradation targets a specific failure mode and we explicitly track whether a response was damaged and how.
  5. Use the dataset for evaluation. The resulting dataset contains both intact and intentionally degraded responses, with known ground truth about their quality.

Because we control the transformation applied to each response, we can treat this dataset as labeled. We know which responses should be flagged by the grader, and for what reason.

Measuring grader performance

Now that we know which responses were intentionally degraded and how, we can evaluate graders in a concrete and measurable way. Rather than relying on subjective inspection, we can treat grader assessment as a standard classification problem with known ground truth.

The main metrics we track and optimize when developing graders are true positive rate (TPR) and true negative rate (TNR).

  • TPR measures how often the grader correctly identifies responses that should be flagged. In our context, this reflects the grader’s ability to detect intentionally damaged or low-quality responses when a problem is present.
  • TNR measures how often the grader correctly accepts responses that should not be flagged. This reflects the grader’s ability to avoid false alarms and not penalize responses that meet the expected quality bar.

These metrics capture the core tradeoff every grader must manage: being sensitive enough to catch real issues, while remaining precise enough to avoid over‑penalizing valid responses.

By evaluating graders against datasets with controlled degradations, we can measure TPR and TNR directly, analyze failure modes, and iterate systematically. This allows us to tune grader behavior intentionally—understanding where a grader is too permissive, where it’s too strict, and how changes affect its decision boundaries.

All together, these techniques allow us to move beyond evaluating individual grader performance and toward a broader goal: building evaluation systems whose behavior can be understood, measured, and improved over time.

Bringing rigor to agent evaluation features

So, who evaluates the evaluators? At Copilot Studio, we approach evals with the same rigor we apply to models themselves. Because as teams increasingly rely on evaluation to guide real-world decisions, they need to trust the systems producing those signals.

In this post, we described how we approach that challenge in Copilot Studio: constructing targeted datasets for graders, using controlled generation to create reliable ground truth, and measuring decision accuracy through metrics such as TPR and TNR. These practices help us understand not only whether an evaluation feature works, but how it behaves, where its limitations are, and how it can be improved over time.

Feedback from design partners and customers plays an important role in this process. When real-world examples reveal gaps in a grader or generated dataset, we incorporate those learnings back into our evaluation process to continuously improve the system.

As the industry continues moving from experimental AI systems to production-scale agents, evaluation will become a foundational capability. As AI agents move into production environments, organizations need to trust not just the agents themselves, but the systems used to evaluate them.

For us, rigorous evaluation is a core part of helping teams build and improve agents with confidence. Because better agent decisions start with trustworthy evaluation.

Build more reliable agents

See how generated datasets, grader validation, and scalable testing help improve agent evaluation quality.

Two IT pros in a modern office space gather around a computer that's out of frame.

The post Who evaluates the evaluators? The data science behind agent evals appeared first on Microsoft Copilot Blog.

]]>
Mistral joins Copilot Studio’s growing lineup of model providers http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/mistral-joins-copilot-studios-growing-lineup-of-model-providers/ Thu, 28 May 2026 08:45:00 +0000 Copilot Studio adds Mistral Medium 3.5, expanding model choice with in‑region data control, strong multilingual performance, and admin governance.

The post Mistral joins Copilot Studio’s growing lineup of model providers appeared first on Microsoft Copilot Blog.

]]>
As organizations around the world continue to bring more agents into production, there’s a growing demand for AI models that align with regional expectations around data handling and control. Microsoft Copilot Studio aims to meet this need by combining model flexibility with enterprise-grade governance, empowering teams to choose the best model for a given scenario while maintaining control over how and where data is processed.

Today, we’re expanding that choice with the addition of Mistral Medium 3.5 for agent building and orchestration. Medium 3.5 is currently available worldwide for customers in early release environments.

For organizations in the European Union (EU), this model has the added benefit of providing more flexibility in how their agents are powered, while keeping data processing in-region. It also helps these teams avoid the extra procurement overhead that can come with adding a new model provider.

Medium 3.5, per Mistral, was built for “long-horizon tasks, calling multiple tools reliably, and producing structured output that downstream code can consume.” Reasoning effort is configurable per request, so the same model can answer a quick chat reply—or, alternatively, work through a complex agentic run. You can read more about this model on Mistral’s blog.

Model access and admin controls

We’re rolling out Medium 3.5 for customers in early release environments. As an experimental model, we recommend using it in non-production scenarios while testing and evaluations are completed.

As with all external model providers in Copilot Studio, admins stay in control:

  1. Opt in via the Microsoft 365 admin center to allow the Mistral Medium 3.5 preview for your tenant.
  2. Enable external model providers in the Microsoft Power Platform admin center so makers in your selected environments can select Mistral Medium 3.5 in the Copilot Studio model picker.

Until both switches are on, the model will not appear to makers. This gives IT teams a structured path to pilot, evaluate, and expand usage on their terms.

Get started with Mistral Medium 3.5 in Copilot Studio

  • Admins: Review the enablement guide and model provider terms, then complete the two-step opt-in.
  • Makers: Once your admin has enabled access, open any agent in Copilot Studio and select Mistral Medium 3.5 (Experimental) from the model selector.

Bringing choice and control together

With Mistral Medium 3.5, Copilot Studio continues to expand the range of models available for agent development—while keeping orchestration, governance, and lifecycle management in one place.

The result: customers can choose the right model for each scenario, meet regional and compliance requirements, and scale agents confidently within a unified platform.

More choice. More control. One platform.

Model choice, on your terms

Build and scale agents with flexible models—while keeping control of your data and governance.

A person working on a computer in an open office setting.

The post Mistral joins Copilot Studio’s growing lineup of model providers appeared first on Microsoft Copilot Blog.

]]>
New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/new-and-improved-computer-using-agents-a-new-workflows-experience-and-real-time-voice-experiences/ Tue, 26 May 2026 16:00:00 +0000 Learn what's new in Copilot Studio, May 2026: computer-using agents are now generally available, plus redesigned workflows and Work IQ extensibility.

The post New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences appeared first on Microsoft Copilot Blog.

]]>

Expectations for agents are changing quickly. Teams want to move beyond conversational experiences to systems that can help get work done by interacting with applications, executing workflows, collaborating across tools, and supporting customers more naturally across channels.

But getting there can be tough. Many organizations are still balancing modern, real-time AI experiences with older systems and processes that were never designed to work together. That can leave teams stuck maintaining brittle automations, disconnected processes, and rigid customer interactions that are difficult to evolve. New updates in Microsoft Copilot Studio focus on helping organizations achieve more connected, adaptive automation systems—structured where needed and adaptive where valuable.

Computer use and workflows: Adapt automation to your team’s real work

Traditional automation works best in predictable environments. But many real business processes are anything but predictable. Interfaces change. Vendor portals update unexpectedly. Legacy systems lack APIs entirely. As a result, even relatively simple processes can require constant maintenance just to keep automations running reliably.

That’s the kind of gap computer-using agents are designed to help close.

Computer-using agents are now generally available

With computer-using agents now generally available in Copilot Studio, organizations can build agents that interact directly with websites and desktop applications through the user interface (UI). This helps you automate processes that previously relied on brittle scripts or manual workarounds because the underlying systems lacked APIs.

With the new release also comes new enterprise-ready capabilities designed to help you operationalize UI automation more confidently. Organizations can now manage credentials more securely, choose models best suited for different automation scenarios, and build more resilient automations that can adapt to changing interfaces instead of breaking whenever a screen or webpage changes.

In addition, organizations can now embed computer-using agents directly into multi-step workflows. This feature, now moving into preview, further helps teams combine API-based actions, approvals, business logic, and adaptive UI interactions within the same automation system.

But adaptability automation still needs structure. As organizations scale beyond isolated automations, teams need a way to orchestrate all these in a way that’s easier to understand, maintain, and evolve over time.

That’s where the new workflows experience in Copilot Studio comes in.

A simpler, more intuitive way to build powerful workflows

Now available in early release environments, the redesigned workflows experience introduces a more intuitive visual designer for building and orchestrating agentic automation in one place. Instead of stitching together disconnected tools and logic across multiple surfaces, you can design workflows end-to-end on a unified canvas. This helps you more clearly see how actions, decisions, and AI-powered steps work together across a business process.

A core component of the new experience is the ability to add existing agents directly into workflows. These agent nodes allow you to create automated solutions that keep the scalable reliability of workflows while bringing in AI intelligence when you need it. For example, when a workflow hits a decision that can’t be captured in simple if-then logic—where it needs to use reasoning over context, orchestrate tools, or retrieve knowledge from multiple sources—an agent node can help bridge the gap and make your workflow more effective.

Invoice classification example in Copilot Studio.

The new designer also helps reduce friction for teams building and maintaining these systems. Inline configuration, simplified building blocks, and node-level testing help validate workflow behavior earlier and iterate more quickly. In addition to agent nodes, AI-powered actions like classification, content generation, and decision support can now be incorporated directly into the workflow.

Together, these updates help organizations combine deterministic orchestration with adaptive execution—structured where needed, adaptive where valuable.

How Graebel combines flows and computer-using agents

Graebel, a global leader in talent mobility, processes thousands of employee relocation requests each year. Most of these come in as unstructured emails filled with unique instructions, attachments, and edge cases. Because Graebel’s proprietary Global Connect platform lacked API support, earlier automation efforts proved too rigid to keep up with the variability of real-world requests. That meant lots of manual input and handoffs—which automation was supposed to solve. Basically, Graebel needed automation that could use reasoning, not just click.

Working with GET AI and Microsoft, Graebel built the Graebel Service Order Agent in Copilot Studio using computer use capabilities to help automate the process end to end. The agent can interpret incoming emails, validate requests against business rules, operate Global Connect directly through the UI, and escalate exceptions through workflows when needed.

By adopting Microsoft Copilot Studio and AI agents, we’ve moved beyond traditional automation to a more intelligent, scalable operating model. This initiative strengthens our ability to serve clients faster and more accurately while positioning Graebel for long-term growth.

—Matt Brownlee, Chief Revenue Officer, Graebel

The Service Order Agent is live today and designed to scale across more than 30 relocation service categories. So far, results include a meaningful reduction in manual effort, faster service-order turnaround, more consistent data quality, and a repeatable blueprint for bringing intelligent automation to the rest of their operations.

Connect intelligent automation systems with Work IQ and interoperable agents

As automation systems become more adaptive, another challenge quickly emerges: connection. Even the most capable agent can only go so far if it operates in isolation. Many organizations are still navigating fragmented ecosystems where agents, workflows, APIs, and external tools all function separately. This naturally makes it difficult to share context or complete work across systems without custom integration effort.

This fragmentation—which is very common—slows adoption and makes it harder to scale intelligent automation beyond isolated pilots.

Now, new interoperability and extensibility capabilities in Work IQ help organizations build more connected agent systems—making it easier for agents, workflows, and enterprise tools to operate together across environments.

With the new Work IQ REST API and command-line interface (CLI) capabilities, teams can integrate Work IQ more flexibly into existing operational and development workflows. Support for remote model context protocol (MCP) servers also introduces a more standardized way to connect agents with tools, services, and enterprise resources. This reduces the need for one-off integrations across growing agent ecosystems.

And as organizations deploy more specialized agents across departments and business processes, coordination between those agents becomes increasingly important. With agent-to-agent (A2A) communication now generally available in Copilot Studio, agents can exchange information, delegate tasks, and be set up to work together more effectively across systems and workflows.

Together, these updates continue the shift from isolated AI experiences toward connected operational platforms—where workflows, agents, APIs, and enterprise systems can be designed to collaborate more naturally across the organization.

Learn more about these new Work IQ interoperability and extensibility updates.

Bring more natural, responsive experiences to customer voice interactions

For many organizations, voice support is still one of the most difficult channels to modernize. Customers get stuck in rigid phone trees, repeat information multiple times, or lose context entirely when they’re transferred to a live agent. Meanwhile, service teams are under pressure to handle growing call volumes without sacrificing customer experience.

Copilot Studio is helping organizations move beyond those limitations with real-time voice agents, now generally available in North America through Dynamics 365 Contact Center. These capabilities help organizations build more natural voice experiences that can identify callers, answer questions, take action during conversations, and transition customers to live agents while preserving context.

Support for speech-to-speech (S2S) voice experiences also makes it easier to connect voice agents into existing customer service and operational systems.

Now, as voice agents become part of real customer interactions, governance and operational readiness become increasingly important. A poor escalation experience, missing context during handoff, or lack of monitoring can quickly become a customer trust issue—not just a technical issue.

That’s why we’re also sharing a new in-depth voice agent governance guide. It covers practical considerations for scaling customer-facing and real-time voice agents responsibly, including escalation testing, monitoring, security, compliance, and operational readiness.

Learn more about real-time voice agents in Copilot Studio and explore the new governance guidance for customer-facing voice agents.

What else is new and improved in Copilot Studio

  • A new orchestration layer in Copilot Studio improves how agents execute business processes with greater accuracy and efficiency. Built on an upgraded AI stack, it has demonstrated measurable gains—improving evaluation performance by approximately 20% while decreasing net token consumption by 50%—so agents can complete tasks more reliably and cost-effectively.1 By strengthening tool orchestration and execution quality, the new orchestrator helps ensure more consistent outcomes across complex, multi-step business processes. The result is faster, more dependable automation that scales across enterprise scenarios. This feature is currently in early release environments, where it applies automatically.
  • Agent lifecycle visibility updates help the whole team understand an agent’s approval and publishing status. Agent creators can more easily understand whether an agent is still generating, ready for testing, successfully published, or encountering issues, which reduces guesswork during development and iteration. For IT and platform teams managing agents across environments, clearer publishing and status visibility can make it easier to identify stalled deployments, troubleshoot operational issues, and maintain better oversight as agent programs scale.

All together, these updates are focused on helping teams solve the kinds of problems that slow automation efforts down in the real world: workflows that break when systems change, disconnected tools that create extra manual work, and customer experiences that still feel rigid or fragmented.

With new investments across computer-using agents, workflows, interoperability, and real-time voice, Copilot Studio continues to expand as the agentic platform for building agents, apps, and workflows. The goal is simple: help organizations build systems that are easier to connect, easier to adapt, and easier to operate at scale—without losing the structure, visibility, and governance enterprise teams depend on.

Stay up to date on all things Copilot Studio

More is coming across voice channels, workflows, and the building experience. Check out all the updates as we ship them, as well as new features releasing in the next few months here: What’s new in Microsoft Copilot Studio.

To learn more about Microsoft Copilot Studio and how it can transform productivity within your organization, visit the Copilot Studio website or sign up for our free trial today.

Take your automation further

Design adaptive AI systems that integrate across tools and workflows to help teams get meaningful work done.

Two business professionals looking at the screen of a tablet and collaborating.

1 Source: Microsoft usage data, 2026.

The post New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences appeared first on Microsoft Copilot Blog.

]]>
The in-depth guide to managing real-time voice agents at scale http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/the-in-depth-guide-to-managing-real-time-voice-agents-at-scale/ Tue, 19 May 2026 16:00:00 +0000 Explore an in-depth guide to managing customer-facing real-time voice agents with Copilot Studio, from governance foundations to production readiness.

The post The in-depth guide to managing real-time voice agents at scale appeared first on Microsoft Copilot Blog.

]]>

Governance built into the foundation of your agent program is what separates a successful production deployment from one that stalls—or fails publicly. This guide explains how to design, manage, and scale customer-facing, real-time voice agents using Microsoft Copilot Studio, with a focus on governance, reliability, and enterprise readiness.


Imagine a customer calling your contact center about a billing dispute. A real-time voice agent answers, identifies the customer, references their account history, resolves the issue, and—when needed—hands off to a live agent with full context preserved. Human agents focus on exceptions, not routine queries.

Now imagine that same scenario without agent governance. The agent was built, published directly to production, and never tested for escalation. Monitoring was not enabled. The first signal of a problem is a customer complaint—or a data exposure.

Customer-facing agents are becoming the front door for how organizations engage with customers, handling intent and outcomes across conversational AI experiences. What began as chat has evolved into always-on agents that resolve issues, take action, and now support real-time voice across digital and contact center environments using platforms like Copilot Studio. The opportunity is massive—but so is the cost of getting the foundation wrong. Just as self-service and Q&A agents redefined support at scale, this shift will fundamentally reshape how companies operate.

Why real-time voice agents require a different governance lens

Most organizations already govern internal AI tools designed for known users and controlled environments. Customer-facing agents operate under fundamentally different conditions. There are unknown users, public channels, brand exposure, and direct access to customer data and downstream systems. Failures in these customer experience events mean operational, regulatory, and reputational consequences.

This is why governance cannot be treated as a final approval step. As real-time voice agents scale, governance must be built into how they are designed, deployed, monitored, and evolved from the start. Organizations that treat governance as an accelerant—rather than a constraint—can move faster and more confidently than those who bolt it on later.

Principle: Governance as a design principle can streamline approval, which leads to accelerated scale and adoption.

Why real-time voice agents raise the stakes

Text‑based agents require governance, but real‑time voice introduces stricter operational constraints. Latency budgets are tighter, failures are immediately apparent to customers, and interruption handling, turn‑taking, session state, and escalation behavior directly affect service reliability.

Voice agents are typically deployed in high‑impact scenarios such as billing, orders, and service disruptions, where they integrate with Dynamics 365 Contact Center workflows. In these environments, agents must identify callers, reference active cases, execute actions, and escalate predictably.

For real‑time voice, escalation is a first‑class system requirement. Handoffs to human agents must preserve full conversational context and session state, and be validated under load before production traffic is routed.

Model selection also becomes operationally significant. Copilot Studio real‑time voice agents use purpose‑fit models to balance latency, quality, and reliability while remaining governed through a centralized control plane.

What good looks like: A production voice agent deployment has been tested for escalation behavior, latency under load, and handoff context preservation before any customer traffic is routed to it. Monitoring is active from day one, not added after the first incident.

A governance framework for the full agent lifecycle

Governing customer-facing agents effectively requires capabilities that span the full agent lifecycle. This is especially critical for business-to-consumer (B2C) agents, which operate in always-on, customer-facing contexts and must handle real-time interactions, actions, and sensitive data at scale—particularly in high‑stakes modalities like voice.

Copilot Studio provides this governance as a managed agent platform, enforcing controls through managed operations and managed security across the full lifecycle. That goes from build access and data connectivity to release, monitoring, and auditability. Rather than relying on documentation or custom wiring, governance is centralized in the Microsoft Power Platform control plane and consistently applied across chat, voice, and contact center scenarios.

The following five‑stage governance framework reflects how managed capabilities come together across the full lifecycle of customer-facing agents:

  1. Govern the builder
  2. Govern the build
  3. Govern the release
  4. Govern the runtime
  5. Govern the lifecycle

Stage 1: Govern the builder

Before a single topic is created, agent governance starts with who is allowed to build and what they are allowed to connect.

  • Define builder roles and environments. Specify who can create agents and which environments they can work in, using role‑based access in the Power Platform admin center.
  • Set data access boundaries early. Apply data loss prevention (DLP) policies before development to determine which connectors and data sources agents can use.
  • Maintain environment separation. Use distinct development, test, and production environments to validate changes before deploying them to customer‑facing scenarios.
  • Standardize on managed solutions. Package agents in managed solutions to support versioning, controlled promotion, and rollback across environments.

What good looks like: A new agent builder requests access and is provisioned into a dedicated development environment. DLP policies are pre-applied. They cannot publish to any customer-facing channel without an administrator approval step.

Stage 2: Govern the build

How an agent is built determines how safe and predictable it is in production.

  • Configure authentication by channel. Decide whether sessions are authenticated (Microsoft Entra ID or supported identity provider [IdP]) or anonymous, and design data access accordingly. (For public-facing scenarios like 800 numbers and public websites, anonymous real-time voice sessions are common.)
  • Set generative AI behavior explicitly. Define and check grounding, topic scope, and allowed behaviors rather than relying on default settings.
  • Validate escalation paths. Test and verify handoff to live agents with full conversation context preserved for all voice scenarios.
  • Apply content moderation intentionally. Define clear engagement boundaries, enforce agent governance and policy controls, and rigorously red‑team and validate edge cases before deploying to production.

What good looks like: Testing escalation paths before publishing an agent to a customer-facing channel, so you can go live with more confidence. Catching errors before the first live escalation is critical to creating a good customer experience.

Stage 3: Govern the release

Moving an agent from development to production requires controlled, auditable steps.

  • Standardize promotion paths. Promote agents through dev, test, and production using managed solutions and Power Platform pipelines with an auditable change history.
  • Apply preproduction validation gates. Require checks for conversation quality, escalation behavior, latency under load, and data access before publishing.
  • Plan and test rollback. Define and validate rollback procedures for production issues prior to go‑live.
  • Separate publish authorization. Require explicit approval to publish agents to customer‑facing channels, independent of build permissions.

What good looks like: An agent must pass a defined pre-production checklist and receive administrator approval to publish before any customer traffic reaches it. Every version promotion is tracked in the solution history.

Stage 4: Govern the runtime

Once an agent is live, governance shifts from control to visibility and response.

  • Enable runtime observability. Turn on conversation transcripts and analytics in Copilot Studio before routing customer traffic.
  • Define operational thresholds. Monitor metrics such as escalation rate, resolution rate, latency, and session completion, with alerts for deviations.
  • Establish incident response. Define processes for detecting, triaging, and mitigating production issues in voice agents integrated with Dynamics 365 Contact Center.
  • Monitor usage and capacity. Track session volume, message consumption, and capacity limits to support scaling and stability.

What good looks like: Early detection through active monitoring. Voice agents that interact with customers without active monitoring are operating without a safety net. Issues that could persist for hours without analytics can be caught in minutes with these guards in place.

Stage 5: Govern the lifecycle

Voice agents are not static. They evolve as scenarios expand, customer needs change, and the platform advances. Managing change safely is as important as the initial deployment.

  • Version agent configuration. Track changes to topics, actions, authentication, and generative AI settings using application lifecycle management (ALM) and source control.
  • Validate changes preproduction. Test all updates in non‑production environments to avoid regressions in core scenarios, including voice flows and escalation behavior.
  • Coordinate releases operationally. Communicate deployment windows to IT and contact center operations teams.
  • Evolve governance as scale grows. Reassess role-based access control (RBAC), DLP policies, environment strategy, and publishing permissions as agent count and channel coverage expand.

Platform capabilities that support agent governance

Copilot Studio provides a centralized control plane for building, operating, and governing customer‑facing agents. The platform capabilities below directly enable the governance framework described above and should be configured before scaling B2C deployments:

  • Power Platform admin center: Central governance surface for environments, DLP policies, user access, and capacity management; the primary enforcement layer for agent governance.
  • Environment management: Separate development, test, and production environments to support validation and controlled promotion of customer‑facing agents.
  • Data loss prevention (DLP) policies: Environment‑level connector controls that define which data sources and services agents can access before any connections are established.
  • Managed solutions and Power Platform pipelines: Package agents as managed solutions and promote them through environments with version tracking, rollback support, and an auditable change history.
  • Microsoft Entra ID and channel authentication: Configure customer‑facing authentication using Entra ID or supported identity providers to enable secure, scoped access to customer data.
  • Generative AI controls and content moderation: Per‑agent configuration for grounding, topic scope, allowed behaviors, and content filtering, applied deliberately prior to public deployment.
  • Conversation transcripts and analytics: Built‑in logging and analytics providing runtime visibility into agent behavior, escalation patterns, and coverage gaps.
  • Dynamics 365 Contact Center integration: Native escalation to live agents with case context preservation and unified conversation history for voice deployments.
  • Azure Speech: Underlying speech infrastructure for real‑time voice agents, with implications for latency, reliability, and capacity planning.
  • Dataverse security model: Row‑level and business‑unit security controls governing agent access to customer records in Dynamics‑integrated scenarios.

Security, privacy, and compliance for customer-facing agents

For IT and security teams, governance of customer-facing agents must also address data handling, regulatory requirements, and audit readiness. These are not secondary concerns—they’re often the first gate any enterprise B2C deployment must pass through.

Customer data and PII in voice interactions

Real-time voice agents generate conversation transcripts that may contain personally identifiable information. Establish clear retention policies for these transcripts before deployment. Define who has access to conversation logs, how long they are retained, and whether they are subject to deletion requests under applicable privacy regulations.

Regulatory considerations

Depending on your industry and geography, customer-facing AI agents may be subject to requirements under General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), or sector-specific regulations in financial services or healthcare. Review applicable requirements with your legal and compliance teams before deploying agents to regulated customer scenarios. DLP policies in the Power Platform admin center are a key compliance control.

Audit logging and compliance evidence

Power Platform and Copilot Studio support audit logging through Microsoft Purview and the Power Platform admin center. Ensure audit logging is enabled before production deployment and that logs are retained according to your organization’s compliance requirements.

Credential and secret management

Agents that connect to external systems require credentials and connection strings. Do not store secrets in agent configuration directly. Use environment variables in Power Platform or Azure Key Vault references to manage credentials securely, with access controlled through role assignments.

Note for architects: Security and compliance review should be a gate in Stage 3 (govern the release), not an afterthought discovered during audit. Engage your security and compliance teams in the pre-production validation checklist.


Five anti-patterns that derail production AI deployments

Organizations that have scaled B2C agents successfully tend to have avoided the same set of avoidable mistakes. These are the patterns most likely to cause problems once customer traffic is live.

  1. Skipping environment separation: Building and publishing agents in the same environment, or directly in production, allows untested changes to reach customers and is one of the most common causes of early deployment issues.
  2. Publishing voice agents without tested escalation: Escalation to a live agent is a core part of voice agent design. Untested handoff paths that fail to preserve customer context degrade the experience more than having no agent at all.
  3. Granting broad DLP exceptions under schedule pressure: Temporarily relaxing DLP policies often becomes permanent, introducing data access risk and audit gaps that are difficult to remediate later.
  4. Treating monitoring as a postlaunch activity: When transcripts, analytics, and alerts are not enabled before go‑live, production issues surface through customer complaints rather than operational signals.
  5. Building openended agents without defined scope: Broad, general‑purpose agents are harder to test, govern, and improve than agents scoped to specific customer scenarios with clear success criteria.

How to operationalize voice agents

As teams move from pilots to production, a small set of patterns consistently differentiates voice agent deployments that scale.

  • Start with well‑defined customer scenarios rather than broad open‑ended agents. Clear scope simplifies risk assessment, testing, and measurement. A voice agent designed for order status or billing inquiries is easier to govern and iterate on than one intended to answer arbitrary customer questions.
  • Treat real‑time voice as an extension of existing digital agent governance, not an exception. Teams that have already governed chat‑based agents in Copilot Studio are well positioned to apply the same controls to voice, while accounting for stricter latency, escalation, and runtime requirements.
  • Design escalation as a primary flow, not a fallback. Agents integrated with Dynamics 365 Contact Center should preserve full conversational and case context on handoff. Predictable escalation maintains continuity; dropped context undermines trust.
  • As programs scale, three governance questions remain central:
    • Which customer scenarios are appropriate for automation versus human handling?
    • Where does real‑time voice materially improve the experience versus add operational complexity?
    • How quickly can production issues be detected and resolved once agents are live?

Using Copilot Studio as a governance foundation for agents

Copilot Studio and Power Platform provide a centralized environment for building, operating, and governing agents, which becomes increasingly important as deployments expand from internal use cases to customer‑facing channels.

Establish governance once in Copilot Studio, and scale it across chat, voice, and backend‑driven agents without fragmentation. As a centralized control plane, the platform helps you enforce consistent policies and maintain operational oversight as agents expand across channels, regions, and customer scenarios.

For organizations already using Copilot Studio, many of the governance capabilities described here are available today. Support for real-time voice agents in Copilot Studio is now generally available in North America, with deployments delivered first through Dynamics 365 Contact Center. Language support, additional regions, and broader publishing channels will expand over time as part of Copilot Studio’s ongoing roadmap.

Learn more in the announcement blog for real-time voice agents.

Governance readiness checklist for customer-facing voice agents

Before deploying a customer-facing or real-time voice agent to production, verify governance readiness across these core dimensions.

Access and environment

  • Separate development, test, and production environments are provisioned
  • Role-based access is configured—developers cannot publish directly to production
  • Advanced connector policy is applied to all environments before development begins
  • Publishing permissions for customer-facing channels require administrator approval

Build and configuration

  • Authentication and identity are configured appropriately for the channel (authenticated or anonymous)
  • Generative AI settings, grounding, and content moderation are configured deliberately
  • Credential and secret management uses environment variables or Azure Key Vault references
  • The agent is packaged in a managed solution with tracked versioning

Testing and release

  • Escalation paths to live agents have been tested with context preservation verified
  • Latency and behavior have been validated under simulated load
  • A pre-production validation checklist has been completed and signed off
  • A rollback procedure has been defined and tested
  • Audit logging is enabled and log retention meets compliance requirements

Runtime and operations

  • Conversation transcripts and analytics are active before first customer interaction
  • Operational thresholds (escalation rate, session completion rate) are defined with alerts
  • An incident response procedure is defined and communicated to operations teams
  • Usage and consumption monitoring is in place for capacity planning
  • A change management process is defined for updating live agents

Getting started with customer-facing agents

Organizations ready to operationalize B2C agents should begin with the following steps:

  • Align on priority scenarios. Agree on customer scenarios, scope, success criteria, and escalation requirements before any development begins.
  • Set up environments and governance. Configure separate dev, test, and production environments and apply DLP policies before granting developer access. Define role‑based access and require administrator approval for publishing to customer‑facing channels.
  • Engage security and compliance early. Review applicable regulatory requirements and establish data retention policies for conversation transcripts.
  • Build and validate deliberately. Start with a scoped agent, use managed solutions, and be sure to test and verify escalation paths.
  • Confirm readiness before golive. Complete the governance readiness checklist and enable monitoring and escalation thresholds prior to routing customer traffic.

With the right foundation in place, teams can scale customer‑facing and real‑time voice agents—while maintaining the reliability, security, and operational integrity IT teams are responsible for protecting.

Resources for governing AI agents

Governance starts early

Establish a governance foundation with Copilot Studio that scales across chat, voice, and backend-driven agents.

A person working on a computer in an open office setting.

The post The in-depth guide to managing real-time voice agents at scale appeared first on Microsoft Copilot Blog.

]]>
New and improved: Agent governance, intelligent workflows, and connected app experiences http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/new-and-improved-agent-governance-intelligent-workflows-and-connected-app-experiences/ Mon, 11 May 2026 16:00:00 +0000 See what's new in Copilot Studio, April 2026: updates to workflows, increased control over agent operations, and an expanded agent usage estimator.

The post New and improved: Agent governance, intelligent workflows, and connected app experiences appeared first on Microsoft Copilot Blog.

]]>

As organizations scale their use of AI agents, IT teams face a familiar challenge: how do you expand automation without losing control? Individual agents can be powerful, but as they connect through workflows and integrate across systems, requirements for visibility, governance, and predictability become much more complex. And capability must be grounded in confidence.

The April 2026 updates in Microsoft Copilot Studio focus on building that confidence across the platform. From increasing visibility and governance for admins to expanding intelligent workflow capabilities, these features help you move from isolated automation to connected, reliable systems.

Build and scale agents with better visibility and control

As agents expand across organizations and business processes, admins need clear visibility into how they’re performing, how they’re secured, and what they’ll cost to run. These updates help you manage agents more effectively without adding more friction—or risk.

See agent performance and status more clearly

Copilot Studio now surfaces agent status directly in the authoring experience, giving you immediate insight into each agent’s security and protection posture. You can quickly identify issues like authentication gaps or policy impacts and investigate them at the source. This helps reduce guesswork and speed up resolution.

As you gain clearer visibility into agent performance, you can also share those insights more safely. The Analytics Viewer role, now generally available, introduces read-only access to an agent’s Analytics page.

The Analytics Viewer role allows us to provide meaningful performance insights to business and operational stakeholders while maintaining strict production governance. It cleanly separates operational visibility from agent configuration and publishing rights.

—Mohamed Arhab, Solution Architect, City of Montreal

Allowing analysts and stakeholders to monitor performance, without giving them the ability to modify the agent, helps resolve a long-standing tradeoff between visibility and control. Now it’s easier to share insights broadly while maintaining clear separation of responsibilities.

Speaking of extending visibility and control, there’s more good news: Microsoft Agent 365 is now generally available. Agent 365 is the centralized control plane for managing agents across your environment. This brings together visibility into agent inventory, permissions, behavior, and activity in one place so that you can monitor and govern agents consistently, not just where they’re built.

For Copilot Studio customers, this means the agents you create can be managed alongside agents from Microsoft 365 and partner ecosystems, with shared policies, security controls, and lifecycle oversight. As Agent 365 continues to expand its integrations and multi-agent capabilities, it further strengthens Copilot Studio’s role as the place where agents are built—while governance scales across the full system. Learn more about Agent 365.

Plan and scale with clearer cost visibility

The expanded agent usage estimator now includes Dynamics 365 agents, such as Sales Qualification Agent and Customer Service Agent. By forecasting Copilot credit consumption across both Copilot Studio and Dynamics 365 scenarios in one place, you can model usage more accurately and scale deployments—helping avoid unexpected cost surprises.

With these recent admin updates, the result is fewer bottlenecks, better-informed decisions, and a clearer path to scaling agents across your organization.

Expand workflows into intelligent, governed automation systems

In Copilot Studio, workflows are step-by-step automation processes that complete actions or tasks in a deterministic, reliable way. As workflows become the backbone of business automation, these new updates help you extend their capabilities—bringing in more AI-powered reasoning, centralized governance, and a growing ecosystem of tools in a way that’s reliable and secure by design.

Design and validate workflows with more clarity

One powerful way to make your workflows more adaptable and effective is by embedding Copilot Studio agents directly into them. Using agent nodes inside workflows means that instead of just performing the task with rigid logic, the workflow can delegate reasoning, decisions, or output generation to an agent at any prescribed step of the process.

This makes workflows more resilient to real-world situations—which have a lot of variability—while still following the defined structure that make IT teams less nervous.

In addition to embedding agents, you can now also add and configure AI actions directly within the flow to understand requests, route work, and generate content dynamically. And with the ability to test individual steps using sample inputs, teams can validate behavior earlier, debug more effectively, and refine workflows before they’re deployed.

In practice: Unifi, North America’s largest provider of aviation ground handling services, used Copilot Studio and Power Platform to automate legal contract review by combining agents with deterministic workflows. Instead of relying on a single agent, they broke the process into coordinated steps that extract, classify, and validate key terms across documents. This system reduced contract processing from days to minutes and delivers the same level of performance as much more expensive, off-the-shelf products built specifically for the legal industry.

The result is a workflow experience that’s more adaptable and more predictable to operate. This helps give teams—both makers and administrators—more confidence in creating more sophisticated automation that doesn’t sacrifice clarity or control.

Scale workflows across systems with built-in governance

Speaking of clarity and control, there are also new updates to workflows that help you scale automation without introducing new governance risks.

Workflows can now connect to a broader ecosystem of tools, including model context protocol (MCP) server-enabled tools (preview), which makes it easier to take action across systems while staying within Microsoft security, permission, and compliance boundaries. This allows workflows to execute tasks and involve users for review and approval within governed processes.

We’ve also introduced a centralized, admin-controlled environment for Workflows Agent. This makes it easier to apply data loss prevention (DLP) policies consistently and maintain visibility across automation, so workflows remain compliant by design, even as they scale.

Together, these updates make it easier to move from isolated automations to connected, intelligent systems. With those systems, you can scale workflows across your organization with greater confidence, control, and flexibility.

Bring business apps directly into your agents

As agents become part of everyday work, a common gap emerges: they can generate insight, but acting on that insight often requires switching tools, re-creating context, or handing work off across systems. Support for apps in agents, now generally available, helps to close that gap.

Turn intent into action inside Copilot Chat

Agents built in Copilot Studio can now surface rich, interactive app experiences directly in Copilot Chat, allowing users to review data, update records, approve requests, or create assets in place. Instead of switching tools or re-creating context, work happens seamlessly within the flow of conversation. This helps reduce friction and empowers teams to move faster from insight to execution.

Animated UI showing Adobe Express embedded in Microsoft 365 Copilot chat, where a user accesses design templates and visuals directly within the conversation.

Work across the systems your business already runs on

Apps in agents bring together Microsoft and partner applications—from Power Apps to Dynamics 365 and beyond—so agents can take action across the systems your teams already use. These experiences are built and orchestrated in Copilot Studio, where you define how agents interact with apps, data, and workflows to support real business processes.

Extend and scale with trusted integrations

Through the Agent Store, you can adopt ready-made agent experiences or extend your own with partner-built integrations—while maintaining enterprise-grade security, permissions, and admin control. Options include:

  • Adobe Express (seen above)
  • Box
  • Figma
  • Monday.com
  • Wix

These options (and more) make it easier to scale agent usage across your organization without losing oversight.

These capabilities, all generally available now, help teams shift agents from being informational tools to operational ones. They bring real business actions into Copilot Studio agents in a way that’s both more functional for users and manageable for IT—helping teams complete work efficiently while maintaining the governance needed to scale.

Learn more about apps in agents.

What else is new and improved in Copilot Studio

  • Evaluation insights and automation updates now make it easier to generate test cases from analytics, simulate multi-turn interactions, and automate evaluations through APIs and connectors. You can turn real user conversations into targeted test sets, better reflect complex, real-world scenarios, and run evaluations programmatically. Together, these capabilities help you operationalize agent quality and maintain confidence as you scale.
  • Custom metrics for outcome-based measurement help you track what actually matters to your business, not just usage. Define success in your own terms—like resolution rates or conversions—and automatically evaluate conversations against those outcomes, making it easier to understand impact, align stakeholders, and make data-driven decisions.
  • Work IQ API is now available in public preview to bring Copilot’s intelligence layer—grounded in organizational context, memory, and signals—into your own agents and workflows. With built-in orchestration and enterprise-grade security, you can build agents that understand what’s happening across your business without managing raw data or complex integrations.
  • Agent-to-agent (A2A) communication is now supported in Work IQ, allowing agents to collaborate as peers and delegate tasks using shared organizational context. This makes it easier to build multi-agent systems that can coordinate work, maintain context across interactions, and deliver more grounded, role-aware outcomes.
  • GPT-5.5 Thinking is now available in Copilot Studio early release cycle environments as GPT-5.5 Reasoning, further expanding model choice with its more advanced analysis capabilities. This model is also rolling out across Microsoft 365 Copilot in Copilot Chat, Word, Excel, and PowerPoint.

Stay up to date on all things Copilot Studio

More is coming across voice channels, workflows, and the building experience. Check out all the updates as we ship them, as well as new features releasing in the next few months here: What’s new in Microsoft Copilot Studio.

To learn more about Microsoft Copilot Studio and how it can transform productivity within your organization, visit the Copilot Studio website or sign up for our free trial today.

Build agents your way

Create, deploy, and scale custom agents and workflows with Copilot Studio.

A person working on a laptop.

The post New and improved: Agent governance, intelligent workflows, and connected app experiences appeared first on Microsoft Copilot Blog.

]]>
New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/new-and-improved-multi-agent-orchestration-connected-experiences-and-faster-prompt-iteration/ Wed, 01 Apr 2026 16:00:00 +0000 Learn what's new in Copilot Studio: Multi-agent systems are now generally available, plus recent updates to the Prompt Editor and governance controls.

The post New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration appeared first on Microsoft Copilot Blog.

]]>

Microsoft Copilot Studio helps organizations move beyond isolated AI experiences and build connected systems of agents that can scale, adapt, and deliver real business value. Recent enhancements focus on making it easier for agents to work together across tools and data sources, while giving makers more control over how those agents behave in production.

What you’ll see this month: New generally available capabilities for multi-agent coordination across Microsoft Fabric, the Microsoft 365 Agents SDK, and open Agent-to-Agent (A2A) protocols—all of which help agents collaborate across your ecosystem and perform more valuable work. Plus, you’ll find updates to prompt authoring, model choice, and governance controls that can help make it faster to build and refine high-quality agent experiences with confidence.

Agents that work together across your entire ecosystem

The challenge in scaling AI inside an organization isn’t creating a useful agent. It’s about getting many agents—across teams and tools—to work together in a way that’s reliable and repeatable.

In many organizations, data teams might build one kind of agent, app teams another, and productivity teams yet another. Each agent can be valuable on its own, but once a workflow needs knowledge from one system, reasoning from another, and action in a third—teams often run into brittle handoffs and custom integration work. This slows agent adoption and makes it harder to move from promising pilots to real business impact.

This month, Copilot Studio takes a meaningful step forward: several multi-agent capabilities are rolling out to general availability over the next few weeks, giving your teams new ways to connect and orchestrate agents across your ecosystem. These updates include Microsoft Fabric integration, Microsoft 365 Agents SDK orchestration, and Agent-to-Agent (A2A) communication—all designed to help your agents operate together as a coordinated system rather than in isolated silos.

Multi-agent support for Microsoft Fabric

With multi-agent support, your Copilot Studio agents can work with Fabric agents to reason over enterprise data and analytics at scale. That means you can connect business-facing agent experiences more directly to the data estate they already rely on, without treating every data-intensive scenario like a one-off engineering project. Instead of working with limited or disconnected data, these agents will be able to operate with full business context—helping make their outputs more accurate, relevant, and actionable.

Multi-agent support for the Microsoft 365 Agents SDK

Using the Microsoft 365 Agents SDK, teams can now orchestrate Copilot Studio agents alongside agents built for Microsoft 365 experiences. Instead of recreating the same logic across multiple agents (think retrieving data, applying business rules, or completing common tasks), you’ll be able to reuse and combine existing capabilities. This makes it easier to compose cross-app workflows from what’s already been built, reducing duplication and keeping experiences more efficient and consistent.

Agent-to-Agent (A2A) support

With A2A support, Copilot Studio agents can directly communicate with and delegate work to other agents—first-party, second-party, or third-party—using an open protocol that allows universal access. This matters because the future of enterprise AI will not belong to a single stack. Organizations need to build agents on platforms that can participate in a broader ecosystem, not just operate within one product boundary. Copilot Studio A2A provides that interoperability and power.

The impact of multi-agent systems

We’ve already seen the power of this approach with the Ask Microsoft web agent, one of our early “customer zero” implementations. As site traffic and knowledge sources grew, the single-agent architecture began to strain, creating slower response times. Using Copilot Studio, the team upgraded the agent to a modern architecture with generative orchestration and multi-agent coordination.

Now, multiple sub-agents handle different parts of the site—Microsoft Azure, Microsoft 365, pricing, trials, and more—while the main agent orchestrates them to provide fast, coherent, multi-turn responses. This setup allows Ask Microsoft to answer complex questions involving multiple products or services, and to tailor responses based on where the customer is on the site.

Building a more advanced assistant with Copilot Studio has meaningfully raised the bar for our customer experience and enabled us to scale faster across products to deliver real business impact.

—Alyse Muttera, Director of eCommerce Programs at Microsoft

To show how this approach works in other organizations, consider a common scenario at a bank. The loan department has one agent handling mortgage applications, while the banking department runs a separate agent for account inquiries. A customer, however, expects a single seamless experience.

Multi-agent orchestration lets each specialized agent manage its area of expertise while coordinating responses behind the scenes. For instance, if a customer asks about a mortgage payment and their account balance in the same interaction, the system delivers a cohesive, context-aware answer that combines insights from both agents—no juggling multiple interfaces required.

When specialized agents work together behind the scenes, customers can get a unified experience and employees can get time back.

That’s exactly the kind of impact Coca‑Cola Beverages Africa is realizing today by using Copilot Studio agents and Microsoft Dynamics 365 to autonomously run planning cycles and automate workflows end to end, saving planners 1 to 1.5 hours every day.

These features will be fully available to all eligible customers as of April 2026. Three capabilities, one outcome: agents that can operate more like a system and less like a collection of disconnected point solutions.

Build prompts faster while maintaining control

As agent experiences grow more sophisticated, the quality of the prompt an agent maker uses matters more. A great prompt yields more powerful results from agents than a good prompt, and fine-tuning prompts is key to unlocking them.

Grow your agent skills

Start Copilot Studio training ↗

But in practice, prompt iteration has historically felt disjointed and slow. Makers previously balanced their flow of work with jumping into a separate editor, making a small change, testing it, and then repeating the process again. That friction can add up quickly, especially when teams are tuning prompts for specialized business scenarios.

The new immersive Prompt Builder, now generally available, helps reduce that friction by bringing prompt editing directly into each agent’s Tools tab. You can update instructions, switch models, add inputs or knowledge, and test changes—all in one place. Instead of breaking context every time you want to refine an agent’s behavior, you can iterate while staying grounded in the agent you’re building.

This matters most in real-world scenarios where prompt behavior is tied to domain knowledge and policy nuance. For example, a team building an agent to support clinical documentation might need to refine instructions, swap in a better knowledge source, and test outputs against terminology that is common in healthcare but more likely to trigger default safeguards. Doing that from one workspace can make iteration faster and help lower the effort required to get a production-ready result.

More options for prompts: Content moderation and model choice

Speaking of triggering default safeguards, Copilot Studio has also added content moderation settings for prompts, now generally available in supported regions. This gives makers more control over harmful content sensitivity on managed models, including turning down that sensitivity to help unblock legitimate scenarios in industries like healthcare, insurance, and law enforcement, where default settings may be overly restrictive for the content being processed.

previous month updates

Read past editions ›

For even more control over prompts, the Prompt Tool now supports Anthropic Claude Opus 4.6 and Claude Sonnet 4.5 in paid experimental preview in the United States. That gives makers more choice in matching the right model to the right prompt, rather than forcing every scenario into the same tradeoff profile. This feature is great for teams that want more flexibility in how they balance performance, reasoning depth, and cost.

All together, these improvements help teams move faster on prompt iteration while maintaining the control and flexibility required in production scenarios.

What else is new and improved in Copilot Studio

We have also recently released several additional updates across automation, meetings, retrieval quality, and model support.

  • ServiceNow and Azure DevOps connector quality improvements are now generally available. These help agents better understand operational questions, retrieve the right ticket or work item data, and return more complete, actionable answers automatically.
  • Evaluation automation APIs are now generally available through Microsoft Power Platform APIs and connectors. These APIs help make it easier to run evaluations programmatically and integrate quality checks into continuous integration and continuous delivery (CI/CD) workflows.
  • Agents for Microsoft Teams meetings can now access real-time meeting transcripts and group chat. This supports scenarios like answering questions during the meeting, surfacing relevant information, or helping track decisions and follow-ups as they happen.
  • Model context protocol (MCP) apps and Apps SDK support have expanded how agents connect to your external work apps, helping to make it easier to integrate business systems and enable agents to take action across your broader ecosystem—not just respond with information.
  • Additional model support, including Grok 4.1 Fast, GPT-5.3 Thinking, and GPT-5.4 Instant in paid experimental preview, gives makers more options as they tune experiences for speed, cost, and capability.

Overall, these updates reflect a continuing broader shift in Copilot Studio: moving from building individual AI experiences to building connected, governed systems that can fit more naturally into how work already happens. As you scale up your organization’s use of multi-agent ecosystems, these will help your teams reach further across channels and knowledge sources to more accurately fulfill your business needs.

Stay up to date on all things Copilot Studio

More is coming in April 2026 across voice channels, workflows, and the building experience. Check out all the updates as we ship them, as well as new features releasing in the next few months here: What’s new in Microsoft Copilot Studio.

To learn more about Microsoft Copilot Studio and how it can transform productivity within your organization, explore Copilot Studio features and pricing or sign up for our free trial today.

Build powerful agents

Create, customize, deploy, and manage agents with Copilot Studio—and explore the features, use cases, and resources that help you get there.

Two coworkers standing and looking at devices together.

The post New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration appeared first on Microsoft Copilot Blog.

]]>
Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/addressing-the-owasp-top-10-risks-in-agentic-ai-with-microsoft-copilot-studio/ Mon, 30 Mar 2026 16:00:00 +0000 Agentic AI introduces new security risks.

The post Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio appeared first on Microsoft Copilot Blog.

]]>
Agentic AI is moving fast from pilots to production. That shift changes the security conversation. These systems do not just generate content. They can retrieve sensitive data, invoke tools, and take action using real identities and permissions. When something goes wrong, the failure is not limited to a single response. It can become an automated sequence of access, execution, and downstream impact.

Security teams are already familiar with application risk, identity risk, and data risk. Agentic systems collapse those domains into one operating model. Autonomy introduces a new problem: a system can be “working as designed” while still taking steps that a human would be unlikely to approve, because the boundaries were unclear, permissions were too broad, or tool use was not tightly governed.

The OWASP Top 10 for Agentic Applications (2026) outlines the top ten risks associated with autonomous systems that can act across workflows using real identities, data access, and tools.

This blog is designed to do two things: First, it explores the key findings of the OWASP Top 10 for Agentic Applications. Second, it highlights examples of practical mitigations for risks surfaced in the paper, grounded in Agent 365 and foundational capabilities in Microsoft Copilot Studio.

OWASP helps secure agentic AI around the world

OWASP (the Open Worldwide Application Security Project) is an online community led by a nonprofit foundation that publishes free and open security resources, including articles, tools, and documentation used across the application security industry. In the years since the organization’s founding, OWASP Top 10 lists have become a common baseline in security programs.

In 2023, OWASP identified a security gap that needed urgent attention: traditional application security guidance wasn’t fully addressing the nascent risks stemming from the integration of LLMs and existing applications and workflows. The OWASP Top 10 for Agentic Applications was designed to offer concise, practical, and actionable guidance for builders, defenders, and decision-makers. It is the work of a global community spanning industry, academia, and government, built through an “expert-led, community-driven approach” that includes open collaboration, peer review, and evidence drawn from research and real-world deployments.

Microsoft has been a supporter of the project for quite some time, and members of the Microsoft AI Red Team helped review the Agentic Top 10 before it was published. Pete Bryan, Principal AI Security Research Lead, on the Microsoft AI Red Team, and Daniel Jones, AI Security Researcher on the Microsoft AI Red Team, also served on the OWASP Agentic Systems and Interfaces Expert Review Board.

Agentic AI delivers a whole range of novel opportunities and benefits. However, unless it is designed and implemented with security in mind, it can also introduce risk. OWASP Top 10s have been the foundation of security best practice for years. When the Microsoft AI Red Team gained the opportunity to help shape a new OWASP list focused on agentic applications, we were excited to share our experiences and perspectives. Our goal was to help the industry as a whole create safe and secure agentic experiences.

Pete Bryan, Principal AI Security Research Lead

The 10 failure modes OWASP sees in agentic systems

Read as a set, the OWASP Top 10 for Agentic Applications makes one point again and again: agentic failures are rarely “bad output.” But they are bad outcomes. Many risks show up when an agent can interpret untrusted content as instruction, chain tools, act with delegated identity, and keep going across sessions and systems. Here is a quick breakdown of the types of risk called out in greater detail in the Top 10:

Agent goal hijack (ASI01): Redirecting an agent’s goals or plans through injected instructions or poisoned content.

Tool misuse and exploitation (ASI02): Misusing legitimate tools through unsafe chaining, ambiguous instructions, or manipulated tool outputs.

Identity and privilege abuse (ASI03): Exploiting delegated trust, inherited credentials, or role chains to gain unauthorized access or actions.

Agentic supply chain vulnerabilities (ASI04): Compromised or tampered third-party agents, tools, plugins, registries, or update channels.

Unexpected code execution (ASI05): Turning agent-generated or agent-invoked code into unintended execution, compromise, or escape.

Memory and context poisoning (ASI06): Corrupting stored context (memory, embeddings, RAG stores) to bias future reasoning and actions.

Insecure inter-agent communication (ASI07): Spoofing, intercepting, or manipulating agent-to-agent messages due to weak authentication or integrity checks.

Cascading failures (ASI08): A single fault propagating across agents, tools, and workflows into system-wide impact.

Human–agent trust exploitation (ASI09): Abusing user trust and authority bias to get unsafe approvals or extract sensitive information.

Rogue agents (ASI10): Agents drifting or being compromised in ways that cause harmful behavior beyond intended scope.

For security teams, knowing that these issues are top of mind across the global community of agentic AI users is only the first half of the equation. What comes next is addressing each of them through properly implemented controls and guardrails.

Build observable, governed, and secure agents with Microsoft Copilot Studio

In agentic AI, the risk isn’t just what an agent is designed to do, but how it behaves once deployed. That’s why governance and security must span both in development (where intent, permissions, and constraints are defined), and operation (where behavior must be continuously monitored and controlled). For organizations building and deploying agents, Copilot Studio provides a secure foundation to create trustworthy agentic AI. From the earliest stages of the agent lifecycle, built in capabilities help ensure agents are safe and secure by design. Once deployed, IT and security teams can observe, govern, and secure agents across their lifecycle.

In development, Copilot Studio establishes clear behavioral boundaries. Agents are built using predefined actions, connectors, and capabilities, limiting exposure to arbitrary code execution (ASI05), unsafe tool invocation (ASI02), or uncontrolled external dependencies (ASI04). By constraining how agents interact with systems, the platform reduces the risk of unintended behavior, misuse, or redirection through indirect inputs. Copilot Studio also emphasizes containment and recoverability. Agents run in isolated environments, cannot modify their own logic without republishing (ASI10), and can be disabled or restricted when necessary (ASI07, ASI08). For example, if a deployed support agent is coaxed (via an indirect input) to “add a new action that forwards logs to an external endpoint,” it can’t quietly rewrite its own logic or expand its toolset on the fly; changes require republishing, and the agent can be disabled or restricted immediately if concerns arise. These safeguards prevent localized agent failures from propagating across systems and reinforce a key principle: agents should be treated as managed, auditable applications, not unmanaged automation.

To support governance and security during operation, Microsoft Agent 365 will be generally available on May 1. Currently in preview, Agent 365 enables organizations to observe, govern, and secure agents across their lifecycle, providing IT and security teams with centralized visibility, policy enforcement, and protection capabilities for agentic AI.

Once agents are deployed, Security and IT teams can use Agent 365 to gain visibility into agent usage, manage how agents are used, and enforce organizational guardrails across their environment. This includes insights into agent usage, performance, risks, and connections to enterprise data and tools. Teams can also implement policies and controls to help ensure safe and compliant operations. For example, if an agent accesses a sensitive document, IT and security teams can detect the activity in Agent 365, investigate the associated risk, and quickly restrict access or disable the agent before any impact occurs. Key capabilities include:

Access and identity controls alongside policy enforcement to ensure agents operate within the appropriate user or service context, helping reduce the risk of privilege escalation and applying guardrails like access packages and usage restrictions (ASI03).

Data security and compliance controls to prevent sensitive data leakage and detect risky or non-compliant interactions (ASI09).

Threat protection to identify vulnerabilities (ASI04) and detect incidents such as prompt injection (ASI01), tool misuse (ASI02), or compromised agents (ASI10).

Together, these capabilities provide continuous oversight and enable rapid response when agent behavior deviates from expected boundaries.

Keep learning about agentic AI security

Agentic AI changes not just what software can do, but how it operates, introducing autonomy, delegated authority, and the ability to act across systems. The shift places new demands on how systems are designed, secured, and operated. Organizations that treat agents as privileged applications, with clear identities, scoped permissions, continuous oversight, and lifecycle governance, are better positioned to manage and reduce risk as they adopt agentic AI. Establishing governance early allows teams to scale innovation confidently, rather than retroactively building controls after the agents are embedded in workflows. Here are some resources to look over as the next step in your journey:

OWASP Top 10 for Agentic Applications (2026): The baseline: top risks for agentic systems, with examples and mitigations.

Microsoft AI Red Team: How Microsoft stress-tests AI systems and what teams can learn from that practice.

Microsoft Security for AI: Microsoft’s approach to protecting AI across identity, data, threat protection, and compliance.

Microsoft Agent 365: The enterprise control plane for observing, governing, and securing agents.

Microsoft AI Agents Hub: Role-based readiness resources and guidance for building agents.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

OWASP Top 10 for Agentic Applications content © OWASP Foundation. This content is licensed under CC BY-SA 4.0. For more information, visit https://creativecommons.org/licenses/by-sa/4.0/

The post Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio appeared first on Microsoft Copilot Blog.

]]>
Powering Frontier Transformation with Copilot and agents http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/powering-frontier-transformation-with-copilot-and-agents/ Mon, 09 Mar 2026 13:00:00 +0000 Wave 3 marks a new version of Microsoft 365 Copilot, moving beyond assistance to embedded agentic capabilities.

The post Powering Frontier Transformation with Copilot and agents appeared first on Microsoft Copilot Blog.

]]>
Frontier Transformation starts with a simple idea: AI must do more than optimize what already exists. It must unlock new levels of creativity, innovation, and growth. And it must show up inside real work, grounded in real context, and solve real problems for people and organizations. We’ve found that to do this, the two most important elements are intelligence and trust. Intelligence ensures AI is contextual, relevant, and grounded. Trust ensures AI can scale safely, securely, and responsibly. Our announcements today show how intelligence and trust together turn AI from experimentation into durable, enterprise-wide value.

Wave 3 of Microsoft 365 Copilot

Wave 3 marks a new version of Microsoft 365 Copilot, moving beyond assistance to embedded agentic capabilities. And this is just the start, with much more product innovation to follow in the months ahead.

Copilot Cowork

Working closely with Anthropic, we have brought the technology that powers Claude Cowork into Microsoft 365 Copilot. It’s this multimodel advantage that makes Copilot different. Your work is not limited by one brand of models. Copilot hosts the best innovation from across the industry and chooses the right model for the job regardless of who built it. This is a pattern of work that will only become more powerful as new models and ways of working emerge.

Copilot Cowork brings long‑running, multi‑step work into Microsoft 365 Copilot, moving beyond prompts and responses toward execution that unfolds over time. And, with Work IQ, it has the full context of your work, not just fragments of data, so it can reason over all relevant materials. Instead of asking Copilot to generate a single artifact, Cowork allows you to delegate meaningful work and stay in the loop as that work progresses.

With Cowork, Copilot can break down complex requests into steps, reason across tools and files, and carry work forward with visible progress and opportunities to steer. Tasks are no longer confined to a single turn or a single app. They can run for minutes or hours, coordinating actions and producing real outputs along the way.

Cowork is built with enterprise needs in mind. Work is observable. Actions are transparent. Documents are immediately enterprise knowledge that’s protected and ready to share. Progress can be reviewed, guided, or stopped. And everything operates within Microsoft’s security, identity, and governance framework, so organizations can adopt these capabilities with confidence.

By combining Anthropic’s agentic model for multi-step tasks with Microsoft 365, Cowork delivers a managed, enterprise‑grade experience that pairs powerful reasoning with the controls enterprises expect. This is the promise of Copilot: the best AI innovation from across the industry delivered quickly with the intelligence of Work IQ and trust of Microsoft’s Enterprise Data Protection. Cowork is being tested with a limited set of customers as a research preview and will be available through the Frontier program in March.

Join the Frontier program to get access to Microsoft’s latest AI innovations.

Microsoft 365 Copilot in Word, Excel, PowerPoint, and Outlook 

Today, many AI tools treat the creation of an artifact as a single-shot task. They connect to Microsoft 365 data but miss key context. They create content that doesn’t follow how apps natively work. They create version sprawl by producing files that are locally downloaded. And they do not respect the existing confidentiality protections within an organization.

Wave 3 of Copilot will now work alongside you in WordExcelPowerPoint, and Outlook, creating, editing, and refining high-quality content from start to finish inside a document, spreadsheet, presentation, or email. And it uses Work IQ to stay grounded in the context of your work, so edits always reflect what is current and relevant across your files, meetings, chats, and relationships.

Copilot does the heavy lifting by updating existing work: refining a Word document into a polished draft, improving Excel spreadsheets with real formulas, producing slides in PowerPoint that match how your organization builds decks—including understanding layouts, object styles, and brand kits— and drafting and refining emails directly in Outlook. And because this work happens inside the apps where people already work, every change is transparent, reviewable, and reversible as you iterate.

During preview, we described these capabilities as “Agent Mode.” As we moved toward general availability, it became clear that this isn’t a separate mode at all—it’s core to how this next wave of Copilot works.

Microsoft 365 Copilot enforces existing Microsoft 365 permissions and sensitivity labels and saves files to OneDrive and SharePoint—with tenant-level controls—so protected content isn’t processed when extraction isn’t allowed. This means organizations can apply governance, audit, compliance, and retention policies at scale.

These new Copilot experiences are generally available in Excel and Word, with PowerPoint and Outlook starting to roll out over the coming months.

Agents in chat

Not all work starts inside a document or an app. Often, it begins conversationally—with a question, an idea, or a rough intent that needs to be turned into action.

That’s why, in Wave 3, chat in Copilot is the entry point for chat‑first creation and execution. From chat, you can create documents, spreadsheets, and presentations directly from a conversation, or ask Copilot to take common workplace actions—like scheduling a meeting or drafting and sending an email to your team—without copying and pasting between tools or switching contexts. These end‑to‑end workflows move work forward immediately and set Copilot apart.

Chat in Copilot is where the ecosystem comes together. Built‑in agents for Word, Excel, PowerPoint, and Outlook let you move easily from conversation into app‑native work. And with agents in Copilot supporting open standards like Apps SDK and MCP Apps, your apps can now surface directly within chat—enabling live, interactive experiences where work actually happens. From sales and customer service insights in Microsoft Dynamics 365, to custom apps built with Microsoft Power Apps, to partner experiences from Adobe, Monday.com, and Figma, Copilot brings your critical tools and insights together in one place.

Copilot also makes it easy for people across your organization to build agents that support their day‑to‑day work using Agent Builder. Meanwhile, IT and business leaders can create more sophisticated business process agents with Microsoft Copilot Studio—from employee onboarding to procurement. Recent updates to Copilot Studio help organizations evaluate agent quality, coordinate multiple agents, and ensure agents work together across systems—while remaining observable, governable, and secure at enterprise scale. 

Copilot works directly inside apps when work is underway, and agents in chat provide the starting point when work begins with a conversation.

Excel, Word, and PowerPoint Agents are rolling out to generally availability in chat in Copilot. Schedule from chat and custom instructions are available today and send email from chat is rolling out with broad availability this spring. 

Multi‑model intelligence

Wave 3 also advances Microsoft’s commitment to model choice in Copilot, so intelligence can show up in the right way for the work at hand, without requiring you to think about models at all.

Many AI tools lock users into a single vendor’s models. Others force people to choose between tools, experiences, or modes depending on the task. That fragmentation creates friction for individuals and complexity for organizations. Leaders end up managing overlapping tools, inconsistent experiences, and rising costs as teams bring their own AI into the business.

At the same time, IT and business decision‑makers are forced into long‑lived vendor bets, even as the pace of model innovation accelerates and better capabilities emerge elsewhere. The result is broken context for users, unnecessary overhead for organizations, and the burden of model selection pushed onto people who just want to get work done.

In contrast, Microsoft 365 Copilot brings leading models from multiple providers directly into the work experience. With Wave 3, Claude is now available in mainline chat in Copilot via the Frontier program, alongside the latest generation of OpenAI models, which continue to roll out with new releases. This means users can access advanced reasoning and multistep capabilities in their everyday Copilot conversations, not just specialized tools. Copilot automatically applies the right model for the task, all grounded in your enterprise context and protected by Microsoft’s security and governance controls.

Agent 365

As organizations adopt agents as part of everyday work, the challenge shifts from experimentation to operating them with trust, safety, and control at scale. IDC projects agent use will increase by an order of magnitude over the next few years, with hundreds of millions—and soon billions—of agents operating across enterprises.That scale creates a new dilemma for IT and security leaders: how to manage agents across the organization without rebuilding infrastructure, weakening security posture, or slowing innovation. This is exactly the scenario Agent 365 was designed for.

Agent 365 is the control plane for agents. In practical terms, it gives IT and security leaders one place to observe, secure, and govern every agent across the organization, and it provides the confidence to move from agent experimentation to enterprise-scale operations. Agent 365 extends the management, security, and governance processes organizations already use for employees to agents, so they can stay in control as agents become part of daily work.

The idea is simple: there is no need to reinvent the wheel. The fastest path to getting agents under control is to manage them in a similar manner to managing users, using familiar Microsoft solutions including the Microsoft Admin Center for agent management and Microsoft Security solutions like Defender, Entra, and Purview for agent security and governance.

Agent 365 will be generally available on May 1, priced at $15 per user per month.

Introducing Microsoft 365 E7: The Frontier Suite

Frontier transformation is real when both sides of the system move together: people and AI operating across the enterprise.

Microsoft 365 E7: The Frontier Suite closes the gap, equipping employees with AI across email, documents, meetings, spreadsheets, and business application surfaces, while giving IT and security leaders the observability and governance needed to operate AI at enterprise scale.

Copilot and agents work together with shared intelligence, understanding context, history, priorities, and constraints. Trust is built in by default—with user data, enterprise data, and agent actions protected through identity, policy, and observability—so AI can scale across the workforce without compromising security or compliance.

Microsoft 365 E7 will be available for purchase on May 1 at a retail price of $99 per user per month, and includes Microsoft 365 Copilot, Agent 365, Microsoft Entra Suite, and Microsoft 365 E5 with advanced Defender, Entra, Intune, and Purview security capabilities to help secure users, delivering comprehensive protection across agents and users.

Get started today

Wave 3 of Microsoft 365 Copilot marks a turning point in how AI shows up at work. Agentic capabilities are embedded directly into Word, Excel, PowerPoint, Outlook, and Copilot Chat, bringing multi‑model intelligence into everyday workflows. Agent 365 makes this shift operational by giving organizations a way to observe, govern, and secure agents as they move from experimentation to enterprise‑scale use. Microsoft 365 E7 brings it all together by unifying productivity, AI, identity, and security into a single foundation.

Together, these changes make frontier transformation real: intelligence that understands the context of work, and trust that allows AI to scale safely across the workforce. When intelligence and trust move together, AI stops being an experiment and starts becoming how work gets done.

  • Visit Microsoft365.com/copilot or download the Microsoft 365 app on your mobile device to get started.
  • For the latest research and insights on AI at work, visit WorkLab.
  • Learn from our engineering leaders how Microsoft delivers AI built for work at the Microsoft Frontier Transformation digital event on March 9, 2026, at 8:00 AM PT.

Footnotes

Microsoft 365 E7 is available with and without Teams.

1IDC Info Snapshot, sponsored by Microsoft, 1.3 Billion AI Agents by 2028, May 2025 #US53361825

The post Powering Frontier Transformation with Copilot and agents appeared first on Microsoft Copilot Blog.

]]>
New and improved: Agent evaluations, computer use, and advanced maker training http://approjects.co.za/?big=en-us/microsoft-copilot/blog/copilot-studio/new-and-improved-agent-evaluations-computer-use-and-advanced-maker-training/ Wed, 04 Mar 2026 19:15:00 +0000 Explore Copilot Studio feature updates that support secure, scalable agent development—from enhanced agent evaluations to improved automation tools.

The post New and improved: Agent evaluations, computer use, and advanced maker training appeared first on Microsoft Copilot Blog.

]]>
Agent flows are currently managed in the classic Copilot Studio experience. Workflows are the new automation experience in Copilot Studio. Learn about the latest updates to workflows.

Microsoft Copilot Studio and Agent Builder in Microsoft 365 Copilot are designed to help customers reliably create agents that scale and deliver real, sustained business value—not just prototypes. Recent enhancements focus on making it easier to move from building an agent to running one confidently across complex, dynamic environments, with consistent quality and the ability to evolve as business needs change.

Discover the latest capabilities in agent evaluations, exciting updates for computer-using agents (including expanded model support), a new Agent Academy Operative training path, and more. Plus, learn how you can use these capabilities to help ensure your agents are ready for scale.

Build trust at scale with enhanced agent evaluations in Copilot Studio

Agents aren’t “set and forget.” Prompts evolve, models update, and data changes—which raises a critical question as agents take on real work: can we trust them at scale? Agent evaluations answer that question with evidence. They’re designed to turn expectations into measurable checks, help teams catch regressions early, and provide a repeatable way to assess agent quality as behavior and context evolve.

For example, a finance leader rolling out an agent for expense policy guidance or month‑end analysis needs to trust its behavior before moving beyond a pilot. With enhanced agent evaluations in Copilot Studio, teams can now validate performance using their own scenarios, policies, and production data—measuring quality, usability, and responsiveness across a full test set instead of isolated cases.

Side‑by‑side comparisons then help catch regressions before changes go live. Meanwhile, built‑in transparency and session replays support internal and external stakeholder review. The result is a clear, evidence‑based path from experimentation to trusted deployment.

Available in public preview, here’s a quick rundown of the latest eval enhancements.

Holistic and multi-dimensional agent evaluation

  • Set-level grading framework: You can now evaluate agents across an entire test set instead of individual test cases, enabling an accurate measure of overall quality. By consolidating results from multiple tasks, makers can better understand real-world performance by seeing how agents maintain quality across a range of scenarios.
  • Multiple graders per test set: With the ability to apply multiple grading approaches—such as quality, performance, and usability assessments—to the same test set, teams can gain a more complete evaluation without the complexity of managing separate test sets.
  • Comparative testing: Teams can compare multiple agent versions side by side, which can make it easier to spot regressions and validate improvements before pushing the best version live.

Improved transparency and control

  • User reactions and feedback: Makers can now provide quick feedback on evaluation results using a simple thumbs up or thumbs down action. This feedback helps Copilot Studio capture signals about evaluation accuracy, grader alignment, and edge cases, which means our team can continuously refine our evaluation models and improve result quality for agent makers.
  • Open activity map in evaluation: Direct integration with the activity map gives teams immediate insight into how agents executed tasks, helping identify where issues occurred faster and improve optimization.
  • Enterprise-grade auditing: Advanced session replays, action logs, and Microsoft Purview integration offer detailed visibility into agent behavior, helping makers preserve quality and streamline troubleshooting.

Streamlined workflow and data integration

  • CSV downloadable format: Makers can now download a ready-to-use comma-separated values (CSV) template that follows the exact structure required for importing test cases into evaluation. Instead of creating files from scratch—and running into formatting errors, missing columns, or failed imports—teams can rely on a validated template that can help shorten setup time and remove unnecessary friction.
  • Import production data into evaluation: Real-world production data can now be imported directly into evaluations, providing high-quality test sets that reflect actual user interactions. This is designed to improve evaluation accuracy and help makers tune agents more closely to their specific audiences.
  • Import and export of test sets, test cases, and results: Makers can import or export test sets, individual test cases, and evaluation results. This helps simplify teamwork and support repeatable testing across environments—essentials for enterprise-scale agent development.

Scale automation across real-world systems with nimbler computer use

Most organizations don’t lack ideas for automation. Instead, the challenge tends to be with fragmented systems, limited APIs, legacy desktop tools, and workflows that go across multiple departments. Replacing everything isn’t realistic. But maintaining brittle, script-based automation isn’t sustainable either.

Copilot Studio’s computer-using agents (CUAs) can address this gap by interacting directly with web and desktop interfaces, supporting automation across systems that weren’t designed to integrate. They facilitate automation in complex, dynamic environments where traditional robotic process automation (RPA) falls short.

Consider a customer support organization handling service requests across disconnected systems. When a customer submits a support request, a computer-using agent can:

  1. Retrieve customer and entitlement details from the customer relationship management (CRM) system.
  2. Create or update a case in the service management system.
  3. Pull relevant troubleshooting steps from a knowledge base.
  4. Update the case status and resolution checklist in Microsoft SharePoint.
  5. Notify the assigned service representative and escalate if service-level agreements (SLAs) are at risk.

This would be impossible with RPA alone because of the need to transcend systems. Although pieces could be automated, a person historically would need to initiate each step. With computer use, the organization can now accelerate this process and mitigate missed steps, without requiring a redesign of existing systems.

And the latest updates enhance the value of your computer-using agents, adding key capabilities that enable improved flexibility, security, and scalability:

  • Expanded model availability: We’ve added Claude Sonnet 4.5 as an additional model choice for CUAs. You can choose between Anthropic models and OpenAI’s Computer-Using Agent to get the best possible results for your task.
  • Built-in credentials: Simplify and secure authentication with built-in credentials that require minimal setup. Users simply input their username and password once, and Copilot Studio stores the credentials securely.
  • Enterprise-grade logging and auditing: New monitoring tools, integrated with Microsoft Purview, enhance computer-using agent session visibility. This includes detailed logs of agent activity and session replays with screenshots that support traceability and compliance processes.
  • Cloud PC pool: Powered by Windows 365 for Agents, this scalable, managed cloud infrastructure integrates with Microsoft Entra and Intune. These PC pools auto-scale based on workload demand, helping you handle spikes without over-provisioning.

We know the more tools that help drive operational efficiency while maintaining control over automated workflows, the more confident teams can be about adopting computer use. That’s why these updates help elevate computer-using agents as a more reliable, adaptable solution for enterprises looking to scale their use of agentic automation.

Learn to build multi-agent systems with the Agent Academy Operative path

Finished the Recruit training from the Copilot Studio Agent Academy and looking to go deeper? The new Operative path unlocks the next level of training for agent makers who are ready to build their skills. It’s designed for practitioners who already have their first agent working and want to expand their skills to build more sophisticated, production-ready solutions.

The Operative path walks learners through building a complex, multi-agent hiring automation system, using it as an applied learning example that can be adapted to any business scenario.

Along the way, participants develop critical skills such as writing clear and effective agent instructions, selecting and evaluating AI models, and applying advanced prompt patterns, agent flow integration, and Model Context Protocol (MCP). The curriculum also emphasizes operational readiness, including feedback loops, telemetry, and AI safety throughout the agent lifecycle.

By the end of the path, learners can gain a deeper understanding of how to design, build, and architect scalable multi-agent systems that can evolve with business needs. For creators ready to move from basic agents to more advanced, reliable solutions, the Operative path provides a practical and structured next step.

What else is new and improved in Copilot Studio

Previous month updates

Read past editions ›

Now, let’s take a quick look at some other exciting updates—all generally available (GA)—that further enhance your Copilot Studio (and Agent Builder) experience:

  • Copy agents from Agent Builder into Copilot Studio to scale impact: Agents that start as individual ideas in Agent Builder and prove team-wide value can now be opened directly in Copilot Studio for a more extensive maker experience. This unlocks advanced features such as topics, automations, expanded publishing channels, and enterprise governance controls, including data loss prevention and application lifecycle management. For example, a support representative’s personal helper agent can be expanded into a shared tool that categorizes tickets, suggests responses, and routes issues to the right specialists—without rebuilding from scratch.
  • Query your agent inventory from Azure Resource Graph: The Microsoft Power Platform agent inventory, which organizes and displays all your published Copilot Studio and Agent Builder agents, is now generally available. Admins can query this inventory programmatically using Azure Resource Graph to access detailed data about both draft and published agents across the tenant, using Azure portal, CLI, PowerShell, or REST API.
  • Generate icons for your agents using AI in Agent Builder: Makers can now generate custom agent icons directly in Agent Builder using AI. Instead of browsing or creating artwork manually, they simply describe how the icon should look—using the agent’s description or a custom prompt—and get a unique icon designed to stand out in the Agent Store.
  • Try the Copilot Studio extension for Visual Studio Code: The Copilot Studio extension lets teams version, edit, and deploy agents directly from Visual Studio Code, making it easier to align with existing software development workflows.

The big takeaway: Stronger Copilot Studio tools for more scalable agent experiences

These updates aren’t just new features; they strengthen the tools teams rely on to create agents that scale with their business. By enhancing flexibility, security, and visibility, these updates are designed to make it easier to scale agents without starting over each time.

This continuity helps makers innovate quickly while IT teams maintain control over governance, compliance, and performance—bridging the gap between rapid iteration and enterprise-grade reliability. Why? Because at the end of the day, the best agents are those that are built to grow with your needs, and with these updates, that evolution becomes more attainable every month.

Stay up to date on all things Copilot Studio

Check out all the updates as we ship them, as well as new features releasing in the next few months here: What’s new in Microsoft Copilot Studio.

To learn more about Microsoft Copilot Studio and how it can transform productivity within your organization, visit the Copilot Studio website or sign up for our free trial today.

Create your next agent

Build, evaluate, manage, and scale custom agents—all in Copilot Studio.

A maker working on a laptop in a common area in a workplace.

The post New and improved: Agent evaluations, computer use, and advanced maker training appeared first on Microsoft Copilot Blog.

]]>