Microsoft used Build 2025 to launch over 50 updates that push AI agents from prompt-based assistants to embedded platform services. These agents now handle workflows, trigger system actions, manage context, and interact across cloud, data, and enterprise environments.
Microsoft integrates agentic capabilities into every stack layer from GitHub and Teams to Cosmos DB and Windows.
This article details major Build 2025 announcements, from multi-agent design systems to on-device AI deployment, identity-linked governance, agent-native data pipelines, and real-world adoption across healthcare, education, and public systems.
Can software really think in teams?
Microsoft introduced a fully agentic platform architecture at Build 2025, positioning AI agents as core software components that observe, decide, and delegate tasks across business systems, development environments, and data layers.
Multi-agent orchestration with Copilot Studio
Copilot Studio now includes native support for multi-agent orchestration, allowing teams to assign roles, seamlessly share task states, and orchestrate sequential task handoffs. Using Studio’s intuitive orchestration canvas, developers can easily define, simulate, and deploy complex agent-based workflows directly into Microsoft Teams and Microsoft 365.
Copilot Studio Tuning lets ops or HR teams tailor Copilot on their own docs and see measurable jumps in answer accuracy within hours.
For more complex, enterprise-scale scenarios, Azure AI agents service provides greater control, enabling teams to define reusable agent skills, manage agent memory efficiently, and integrate seamlessly with external systems via APIs.
The service supports various models, such as OpenAI, Mistral, and DeepSeek, allowing developers to embed agents directly into their applications or expose them through RESTful endpoints.
Azure AI Foundry, now GA, is backing those builder tools with a catalog of 1,900-plus models. Its new Model Router automatically chooses the best model, Grok Mini for speed and Llama 3 for accuracy. At the same time, the RAG UI lets teams plug in private data and watch live evaluation scores.
Coordinated agent workflows with Agent2Agent protocol
Within Copilot Studio, Microsoft introduced the Agent2Agent protocol, a new open standard designed explicitly for inter-agent communication. This protocol enables sophisticated workflows, for example, a procurement agent that autonomously initiates compliance checks and updates vendor dashboards.
A2A fills the gap as the message bus for agent ecosystems. We expect rapid cross-vendor adoption because interoperability is the only way multi-agent apps avoid vendor lock-in.
Persistent context with Model Context Protocol (MCP)
Microsoft released the Model Context Protocol to maintain context and continuity between agent interactions. Described by CTO Kevin Scott as “kind of like HTTP for agents,” MCP ensures agents retain relevant information across multiple actions, making multi-step processes seamless and coherent.
Native MCP integration within Windows 11 allows agents to directly access system-level functionalities such as file management, user settings, and Windows Subsystem for Linux (WSL) interactions. This deep integration enhances intelligence across the entire operating system, significantly broadening agent capabilities.
With the same SDK on device and in the cloud, teams can prove an agent locally, then scale it in Azure without changing a line of code.
Extending agent capabilities to the open web
Microsoft also introduced NLWeb, an innovative, open protocol designed to empower AI agents to navigate and interact with websites using natural language seamlessly. NLWeb leverages existing web structures, such as Schema.org and site metadata, allowing agents to engage directly with web content and perform actions independently.
Early adopters like Shopify, Snowflake, and O’Reilly have already integrated NLWeb, making their platforms readily accessible to AI agents without requiring custom API integrations.
Launch of Microsoft’s Agent Store
Microsoft launched the Agent Store, a curated marketplace designed for secure internal distribution and discovery of AI agents within Microsoft 365 environments.
Agents published here automatically inherit identity and security policies from Entra ID, combined with robust runtime protections provided by Microsoft Defender. This ensures organizations can confidently deploy AI agents even in highly regulated sectors.
A few examples of agents already at work
Stanford Medicine uses these agentic capabilities by directly integrating AI-driven orchestration into their healthcare workflows. Their custom agents autonomously review clinical records, assign follow-up actions, and route critical healthcare decisions without disrupting existing EMR systems.
Peru’s Ministry of Education uses agents to automatically distribute curriculum materials and monitor student progress in remote communities.
The NFL Combine showcased an agent system for analyzing player performance, predicting injury risks, and generating actionable scouting insights.
Microsoft treats agents as a first-class runtime with shared memory, identity, and web-native reach. The conversation will change from “where do we add AI?” to “which roles in our stack can an agent own end-to-end?” Starting with one high-stakes, repeatable process lets teams measure time saved and audit gains immediately.
The developer workflow is now an agentic system
GitHub rolled out the Coding Agent (codenamed Project Padawan) inside Copilot. Developers frame a request in plain language, such as “harden this API” or “add logging to every service,” and the agent handles the rest.
It clones the repo, builds a secure sandbox, uses retrieval-augmented generation to grasp project context, and then opens a pull request with human-readable commit notes. All of this runs in the new Copilot Workspace, a task-centric view that lets you inspect the plan, tweak steps, or hit merge.
This way, teams can turn recurring chores into Workspace tasks and reclaim engineering hours faster.
Agents step into the pipeline
Microsoft introduced two specialized teammates. SWE agents scan live code for dead paths, missing tests, or outdated patterns and suggest focused refactors.
SRE agents sit in the release pipeline, watch live telemetry, and enact playbooks when latency or error budgets slip. Both plug into GitHub Actions and Azure DevOps, so every intervention is traceable and roll-backable.
Each of these agents runs within policy-aware boundaries. GitHub Enterprise and Entra ID enforce security tokens, org permissions, and logging, ensuring that automated actions are traceable, auditable, and revocable.
Microsoft also added token-aware scopes to prevent agents from exceeding access rights during PR creation or deployment.
These agents convert toil tickets into self-healing routines. An SRE agent that blocks a bad config before users notice is worth more than another dashboard.
Developer tools turn agent-native
Visual Studio and VS Code now show agent activity in a sidebar, offer one-click staging for AI-generated diffs, and open live web previews so you can review changes in context.
On the client side, Windows AI Foundry puts that same model catalog on Copilot+ PCs, letting developers run or LoRA-tune open-source models locally and push the same agent code to Azure without rewrites.
Shipping is easier, too. Apps can now be published to the Microsoft Store with zero registration cost, and the Agent Store lets companies ship internal agents that automatically inherit Entra ID policies and Microsoft Defender protections.
Integrated oversight and zero-fee publishing close the loop from code creation to safe distribution, making autonomous workflows a default, not an experiment.
OpenAI CEO Sam Altman discussed the progression of AI in software development, reflecting on the journey from early versions of Codex to the current state:
“Satya, you and I have been talking about this for a long time. In fact, the very first version of Codex, I think it was all the way back to 2021, one of the very first things we did together in GitHub. And we’ve been talking about how someday we’d get to, like, a real agentic coding experience. And it’s kind of wild to me that it’s finally here. I think this is one of the biggest changes to programming that I’ve ever seen.”
Is your data stack ready to become AI-native?
In Build 2025, Microsoft made it clear that AI is becoming part of how data flows, is shaped, and is used right from the infrastructure layer.
Microsoft Fabric now includes built-in AI transforms inside dataflows. Teams can run summarization, classification, sentiment analysis, or language translation directly within pipelines without exporting to an LLM or hitting an external API.
For example, customer feedback in different languages can now be translated, scored, and grouped as part of the data pipeline.
These models run in context as structured AI actions tied to real-time data. You define what to extract, and the system gives you structured results you can act on. No extra setup or orchestration tools are required.
Cosmos DB becomes long-term agent memory
The same design appears in Cosmos DB, which is also becoming more agent-native. It now supports vector indexing, which allows AI agents to store and retrieve memory based on semantic similarity. That means when an agent needs to “remember” past conversations, decisions, or actions, it doesn’t need to search by ID or keyword. It can retrieve the closest match based on intent, improving how agents hold context over time.
Cosmos DB also serves as a persistent memory layer, so agents can store chat history, user preferences, or unresolved tasks and return to them later. This kind of stateful behavior used to require extra systems, but now it’s built-in.
Vector search isn’t just for retrieval-augmented chat. Treat it as session memory, the place an agent checks before asking the user the same question twice.
AI moves inside SQL engines
On the relational side, PostgreSQL and SQL Server 2025 now support AI functions inside queries. You can ask a single query for raw rows and a model-generated summary, ideal for ops dashboards that must explain spikes.
Fabric and Databricks form one loop
For organizations working in analytics and ML, Azure Databricks and Fabric now integrate more fluidly. Agents can trigger workflows across both platforms, moving data between real-time inference and batch analytics without having to rewrite pipelines. You can build it once and apply it many times.
When the same parquet file feeds both BI and inference, lineage and cost debates get shorter. Budget once, use everywhere.
One standout demo came from the UK Met Office, which showed an end-to-end forecasting system powered by this stack. It starts with raw sensor and weather data, routes through Fabric for transformation, and feeds directly into models that output real-time forecasts. There is no delay, no reprocessing, and no siloed analytics team in the middle.
Governance is moving into the agent runtime
When agents can fetch files, assign tasks, and update records without human supervision, they need more than model tuning. They need identity, policy, and runtime protection built into the system, not bolted on.
At Build 2025, Microsoft brought governance to the agent layer, treating agents like system participants, not extensions. It starts with Entra Agent ID, a new identity layer for AI agents. Agents built in Copilot Studio or Azure AI Foundry now get unique identities, just like employees. That means they follow the same role-based access controls. Every action is logged. Every data request is tracked.
These are functional controls. Admins can apply Conditional Access policies to agents, scope what environments they can run in, and even revoke agent credentials if something goes wrong.
Data-aware policy with Purview
The policy follows the data, too. Microsoft Purview now extends its classification and sensitivity labels to agents. That means an agent accessing a contract or health record follows the same data loss prevention (DLP) rules as a human. Purview also brings DSPM for AI, automatically identifying what data is sensitive, how it’s used, and whether agent actions comply.
Live runtime defense using Defender
Security continues at runtime. Microsoft Defender for Cloud inspects live agent traffic for abnormal API calls, token misuse, policy violations, and context-overflow attacks. If behavior drifts, Defender throttles or quarantines the agent in real time.
Hardware isolation for zero-trust workloads
For teams building systems in regulated industries or handling critical operations, Microsoft added post-quantum cryptography and the VBS Enclave SDK, enabling hardware-level security for confidential AI tasks. These capabilities make it viable to deploy agents in zero-trust environments where isolation and traceability are non-negotiable.
Ecosystem momentum with ServiceNow and Workday
The ecosystem is already expanding. ServiceNow and Workday are integrating with Entra Agent ID to provide consistent governance across HR, ITSM, and business workflows, where agents often act on behalf of entire departments.
Identity, policy, and real-time inspection close the shadow-agent risk. With integrated safety, companies can move beyond defensive “Are we safe?” discussions and start creating forward-looking plans to automate their most painful manual processes with trusted AI agents.
What else launched
- Microsoft 365 Copilot Wave 2: Outlook now auto-summarizes long threads and preps meeting briefs. You can create Copilot Pages on mobile and export them to Word.
- Edge AI APIs + Phi-4-mini: Web apps can use an on-device 3.8 B-parameter model for text generation, summarization, and (soon) translation without a cloud round-trip.
- Power Apps “Plans” & NL-to-UI: A new canvas lets users draft apps in natural language, then auto-generate pages and data models; an agent feed brings human-AI collaboration to the app.
- SQL Server 2025 (Preview) – An AI-ready engine with in-database LLM calls, native JSON, REST API, real-time CDC streaming, and one-click mirroring of Fabric’s OneLake.
How Simform helps you build for the agentic future
Build 2025 sets the direction that AI agents are becoming the interface, the integration layer, and the system logic. But deploying them across real-world environments, where compliance, security, and performance matter, requires more than just tools.
At Simform, we help engineering and platform teams adopt these new models confidently. As a Microsoft Azure Solutions Partner specializing in Digital and app Innovation, Data and AI, and Infrastructure, we bring deep implementation expertise across Microsoft’s evolving AI stack.
Our work spans everything from Entra-governed access controls to integrating Fabric’s AI pipelines into enterprise systems. Partner with Simform to move from copilots to real platforms built to scale, governed by design, and aligned with your business’s operations.
