Enterprise DNA

Omni by Enterprise DNA

Enterprise DNA Resources

Latest AI and industry news. Practical AI operating-system thinking for owners, operators, and teams doing real work.

220k+

Data professionals

Omni

AI agents and apps

Audit

Map the manual work

News Trending Product

Microsoft Open-Sources Agent Governance Toolkit

Microsoft's Agent Governance Toolkit brings runtime security and zero-trust policy enforcement to AI agents, covering all 10 OWASP Agentic AI risks.

Enterprise DNA | | via Microsoft Open Source Blog
Microsoft Open-Sources Agent Governance Toolkit

As enterprises race to deploy autonomous AI agents, one question keeps coming up in boardrooms and IT teams alike: how do we actually control what these things do?

Microsoft’s answer just arrived on GitHub. On April 2, 2026, Microsoft released the Agent Governance Toolkit — an open-source, multi-language framework for governing AI agents at runtime. It is the first publicly available toolkit to address all 10 risks in the OWASP Agentic AI Top 10, with sub-millisecond policy enforcement built directly into the execution layer.

This is not a guardrails tool. Microsoft is explicit about that. The toolkit does not filter LLM inputs or perform content moderation. What it does instead is govern what agents do — intercepting every action before it executes and enforcing policy deterministically.

What the Toolkit Actually Does

The Agent Governance Toolkit is a seven-package system available in Python, TypeScript, .NET, Rust, and Go. It ships with integrations for OpenAI Agents SDK, LangGraph, Haystack, and PydanticAI, meaning it can layer on top of most modern agent frameworks without requiring a full rebuild.

The core components work together:

Policy Engine (Agent OS): Every agent action is evaluated against a policy set before execution. Enforcement is sub-millisecond, so it does not meaningfully impact performance. Policies can map to regulatory frameworks including the EU AI Act, HIPAA, and SOC 2.

Zero-Trust Identity (Agent Mesh): Each agent receives a cryptographic identity using Ed25519 credentials with a trust score on a 0 to 1000 scale. Agent-to-agent communication is secured so compromised or rogue agents cannot impersonate trusted ones.

Execution Sandboxing (Agent Runtime): A four-tier privilege ring system controls what each agent can access. Execution can be terminated dynamically if an agent’s behavior exceeds its authorized scope.

Reliability Engineering (Agent SRE): Built-in SLOs, error budgets, and chaos engineering features let teams set measurable reliability standards for agent behavior — not just uptime, but behavioral consistency.

Compliance Layer: Automated governance verification produces compliance grades and evidence collections mapped to OWASP, EU AI Act, HIPAA, and SOC 2 simultaneously.

Why This Matters Now

The timing is not accidental. Enterprises are deploying agents at scale in 2026, but the tooling to govern them has been scattered and largely theoretical. Security teams have been asking for something that treats agent governance the same way infrastructure teams treat network security: systematic, enforceable, auditable.

The OWASP Agentic AI Top 10 — published earlier this year — catalogued the most critical risks in agentic systems: goal hijacking, memory poisoning, prompt injection chains, rogue agent behavior, and others. Until now, most teams have been handling these risks ad hoc, with custom code and hope. The Agent Governance Toolkit offers a standardized approach that can be adopted across teams and audited for compliance.

There is also a regulatory dimension. Organizations in the EU operating under the AI Act need to demonstrate governance over high-risk AI systems. The toolkit’s compliance grading feature was clearly built with this in mind, mapping directly to the regulatory frameworks that enterprises are currently scrambling to prepare for.

The Open-Source Play

Releasing this as open source under an MIT license is a calculated move. Microsoft already sells Agent 365, a paid governance platform launching May 2026 at $15 per user per month, aimed at enterprise-wide AI agent management. The open-source toolkit targets developers who want to build governance in from the ground up — rather than bolt it on afterward.

Both can coexist. A development team building a custom AI agent workflow might use the toolkit to enforce policy at the code level, while the enterprise IT team uses Agent 365 for centralized visibility across all deployed agents. They are different layers of the same governance problem.

What This Means for Business

If you are deploying AI agents in your business — or planning to — the Agent Governance Toolkit signals a maturation moment for the industry. Governance is no longer a vendor pitch. It is open-source infrastructure that any technical team can implement today.

Three practical implications stand out:

Security teams finally have a standard to work against. The OWASP Agentic AI Top 10 coverage means organizations can check governance status against a recognized framework, not just internal hunches. This makes AI agent security auditable in a way it was not before.

Regulated industries have fewer excuses. Healthcare, finance, and legal organizations that have been waiting for “enterprise-ready” agent governance now have a validated, publicly available toolkit that maps to their compliance obligations. The adoption argument just got harder to dismiss.

The bar for custom agent builds just rose. If you are building AI workflows on top of OpenAI Agents SDK, LangGraph, or PydanticAI, there is now a production-grade governance layer you can integrate in the same languages your team already uses. Not integrating it will increasingly become a hard question to answer in a security review.

For businesses working with Enterprise DNA’s Omni platform, this kind of governance infrastructure is already built into how we architect agent deployments. The release of an open-source standard makes the case for structured, auditable AI implementation even stronger — and makes it easier to have the governance conversation with clients who are still on the fence about moving from pilot to production.


The Microsoft Agent Governance Toolkit is available at github.com/microsoft/agent-governance-toolkit under an MIT license. It is currently in public preview with production-quality releases.

Working With Claude field guide cover

Free Resource

Going deeper with Claude?

Get the free 32-page implementation guide for ANZ teams.

No spam. Unsubscribe any time.