Analyst(s): Nick Patience, Mitch Ashley, Fernando Montenegro, Keith Kirkpatrick
Publication Date: November 21, 2025
What is Covered in this Article:
- Microsoft, Anthropic, and NVIDIA form a three-way, multi-billion-dollar deal to expand Azure’s foundation model offerings.
- The introduction of Agent 365, IQ products (Work IQ, Fabric IQ, Foundry IQ), and Agent Factory to build and manage the next generation of AI-native software.
- Security Copilot is included in the Microsoft 365 E5 license, and new features such as Predictive Shielding and Baseline Security Mode are introduced.
- Microsoft and Adobe deepen their collaboration to integrate AI agents into daily workflows using Agent 365.
The Event – Major Themes & Vendor Moves: Microsoft held its Ignite 2025 conference in San Francisco this week, attended by around 20,000 Microsoft customers and partners. The main keynote was led by Judd Althoff, who was recently promoted to CEO of Microsoft’s commercial business, having previously led overall sales. CEO Satya Nadella, now focusing on the company’s AI work, was not present. Althoff’s central theme was how companies can become ‘frontier firms’, leveraging AI, and that frontier transformation was fundamentally different from AI transformation. Althoff explained the difference as those companies that achieve real impact with AI by focusing on business-led transformation rather than merely adopting technology. They put customer experience at the center, redesign workflows to be AI-first, and ensure that AI is aligned with human ambition and organizational goals. Put simply, it’s about transforming the company to take advantage of AI rather than sticking AI on top of existing processes. The keynote was heavy on software and light on infrastructure, reflecting Microsoft’s central role not as a foundation model provider, but as a cloud, application, and security vendor.
The biggest news of day 1 was the three-way deal between Microsoft, Anthropic, and NVIDIA, which sees Anthropic committing to spending $30 billion on compute capacity from Microsoft Azure, powered by Nvidia’s hardware, and includes a contract for up to an additional one gigawatt of compute power. As part of the deal, Microsoft and NVIDIA are investing $5 billion and $10 billion, respectively, in Anthropic. This makes Anthropic the only major foundation model provider available on all three US hyperscalers. For Microsoft, this means reducing its reliance on OpenAI and providing its customers with more model choices.
What follows is a roundup of the other key announcements made at Ignite, along with our analysts’ take on their significance.
Agentic AI Announcements
Microsoft introduced three products in preview aimed at solving the context problem that can limit the effectiveness of agents: Work IQ for collaboration context, Fabric IQ for data context, and Foundry IQ for retrieval context. Work IQ tracks work, including the documents they open, who they share them with, and who they email. Fabric IQ could be seen as a competitive response to Palantir’s Ontology, in that it connects business data to how the business is described, creating concepts that AI can then understand and take action on. And Foundry IQ is designed to enable agents to connect to public and private data sources by indexing them, creating a single API that agents can access and reason over. Built on Azure AI Search, it automates the creation of custom RAG pipelines. And Agent Factory is a new program aimed at creating more of those ‘frontier firms’. It is a pre-purchased program designed to help organizations build and deploy agents, and includes forward-deployed engineers who can go on-site.
Microsoft introduced Agent 365 as a new control environment for building, deploying, and managing AI agents across Microsoft 365, Azure, and Windows. The service provides identity, policy, and lifecycle controls, allowing agents to run within enterprise environments with consistent oversight. Microsoft also expanded agent capabilities in its productivity apps. Copilot in Word, Excel, PowerPoint, Outlook, and Teams now includes task-specific agents that work with enterprise data and maintain context across writing, analysis, communication, and coordination tasks.
Azure updates continued the same focus. Azure AI Studio gained new tooling for agent creation and orchestration, and Microsoft highlighted expanded use of the Model Context Protocol (MCP) and new connectors for secure access to enterprise data. Microsoft also announced Windows native MCP support to expose applications’ capabilities via MCP servers, connect to local and cloud MCP servers, and provide a trusted MCP proxy that enforces authentication, authorization, and auditing of all communications between agents and app connectors.
Developer announcements followed suit. GitHub introduced updates to Copilot’s planning and workflow features, along with deeper integration with Azure services. Microsoft positioned Agent 365 as the operational layer that ties these efforts together, giving development teams a way to package, deploy, and manage agents as part of their build and release workflows.
Another key announcement made at Ignite is the deepening partnership between Microsoft and Adobe, which focuses on the integration of AI into daily workflows through Microsoft Agent 365 and Adobe AI agents. Adobe Marketing Agent for Microsoft 365 Copilot will be incorporated into the Microsoft Agent 365 framework, enabling marketers to access real-time campaign insights, refine target audiences, and optimize performance directly within Microsoft 365 apps, including Teams, PowerPoint, and Word. Additionally, Adobe Express Agent will enable users to create high-quality visual assets seamlessly within these applications.
Security Announcements
Microsoft’s security strategy at Ignite 2025 signals a shift from expensive add-ons to core platform value, likely acknowledging that AI adoption stalls without accessible protection. The most aggressive commercial move is the inclusion of Security Copilot within the Microsoft 365 E5 license, effectively “democratizing” access to AI-driven defense for enterprise customers. Alongside this, the introduction of Baseline Security Mode attempts to force a “secure by default” posture—such as mandatory MFA—rather than leaving basic hygiene entirely to customer discretion.
For the emerging “frontier” of agentic AI, visibility is the immediate hurdle. While Agent 365 serves as the critical control plane for discovery and observability, the underlying mechanics rely on the expanded use of Entra Agent ID and the new Agent Registry. This essentially treats non-human agents with the same identity rigor as employees, a necessary step as “shadow AI” grows. Finally, the divide between building and protecting continues to blur with tighter Defender and GitHub integrations, placing vulnerability remediation directly into developer workflows rather than treating it as a post-deployment audit.
On the defensive front, Microsoft unveiled Predictive Shielding, an endpoint capability that uses graph data to preemptively block attack paths on neighboring devices. For resilience, Quick Machine Recovery in Intune now allows admins to remotely recover unbootable machines, a direct response to recent fragile ecosystem failures. Finally, a partnership with Nvidia targets “vibe hacking” (AI-driven social engineering), claiming wireline-speed detection to catch subtle manipulation attempts that bypass traditional filters.
Microsoft Ignite 2025: AI, Agent 365, Anthropic on Azure & Security Advances
Analyst Takes
Agentic AI
Many of Microsoft’s moves at Ignite are aimed at making it easier to build and deploy agents. This includes providing agents with easier access to data sources through the three ‘IQ’ products, the Agent 365 framework, the Agent Factory program with simplified licensing, and Microsoft engineers deployed on-site. All of which speaks to the challenges organizations are having building and deploying agents, although it is still very early days.
The Microsoft/Adobe partnership reflects a growing trend in which applications are recognizing that gaining traction in the market is about meeting users where they prefer to work, rather than forcing them to use a particular vendor’s tools and applications. For Microsoft, the partnership provides greater stickiness among its joint customers with Adobe. Adobe, meanwhile, can leverage the massive scale and reach that Microsoft enjoys across its enterprise software offerings to further expand Adobe’s vision of becoming a content development and supply chain platform focused on meeting customers’ needs and workflow preferences.
AI/Development
From a software architecture perspective, we are seeing a shift in how we view, design, and architect agents and their role in software systems. Agents have largely been treated as units of automation, driven by AI models for logic and decision-making rather than procedural code. That framing only exposes a small portion of the potential of AI agentic agents. What’s been missing is the underlying software scaffolding required for orchestration, communication, contextualized data, and a foundation of identity, security, and agent management controls. Those gaps have limited AI agents from becoming the next generation of AI-native software. Ignite shows these pieces starting to fall into place, albeit early, creating the constructs needed for agent-centric architectures.
With this framing, Agent 365 represents the first steps in a broader architectural turn. Microservices broke apart monoliths—containers standardized packaging. Serverless shifted compute toward stateless, event-driven components. Agent 365 could play an equivalent role for autonomous software by providing key elements of the substrate needed for agents to operate under defined identities and controls, communicate, coordinate work between them, and with traditional software across cloud, desktop, and productivity environments. Under this model, agents emerge as fully equipped workload units. Applications start to look less like bundles of APIs and more like interconnected networks of intent-driven agents.
This only works if the development lifecycle and tooling evolve with it. The alignment between Microsoft and GitHub is central because building, testing, and governing agents require agentic DevOps workflows and pipelines that span from design through deployment. GitHub’s planning, code analysis, and policy features connect directly to Azure’s runtime, governance, and data layers. These elements, along with Work IQ, Fabric IQ, and Foundry IQ, provide important aspects of the scaffolding that allows agents to operate with shared context, governed access, and coordinated execution.
AI/Security
Microsoft’s strategic approach at Ignite suggests a fundamental rethinking of the enterprise attack surface: agent sprawl, essentially autonomous scripts running with enterprise data access, join other security concerns for stakeholders. Leveraging Entra Agent ID (introduced in May) as a foundational component for the new Agent 365, Microsoft is redefining identity to strictly include non-human actors, with important considerations for downstream authorization choices. This maturation of what is essentially the Zero Trust model moves beyond securing access to governing autonomy, advancing their vision of ambient security, defined as protection woven directly into the workflow rather than bolted on, as essential to addressing “Shadow AI” before it becomes unmanageable.
To fully realize this vision of ambient security, however, Microsoft is aggressively removing the economic friction that stalled early adoption. The inclusion of Security Copilot in the E5 license represents a significant tactical pivot to address pushback regarding costs. By converting AI defense from a premium add-on into a standard utility, Microsoft effectively capitalizes on its data gravity against point products. Competitors may offer specialized detection, but they lack the “Work IQ” – the deep, native understanding of business context – required to power the invisible, autonomous protection that Microsoft argues is the future of enterprise security.
What to Watch:
- Early adoption and the challenges development teams face can inform others in the industry about where friction and pain points exist, enabling them to address and avoid them.
- Bringing the partner ecosystem into Microsoft’s strategy is vital. Watch for the types of companies that excel at adopting the new agent architecture and those that struggle to make the transition.
- Will Microsoft’s approach of embedding security deep within the foundations of its AI and agentic technologies gain broad industry acceptance? As enterprises embrace security as a key factor in AI deployments, the ready availability of security capabilities within Microsoft’s stack may prove very attractive.
- Will the addition of Anthropic’s models to Azure make it a more attractive option for developers? Microsoft now has more than 11,000 models available on Azure.
You can read about the announcements from Microsoft Ignite on the company’s blog.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Other insights from Futurum:
Microsoft 365 Copilot Expands Researcher Agent with Secure Computer Use
GitHub Boldly Maps Out The Agentic Development Universe
Microsoft Introduces New Agents and Benchmarks for Dynamics 365
Author Information
Nick Patience is VP and Practice Lead for AI Platforms at The Futurum Group. Nick is a thought leader on AI development, deployment, and adoption - an area he has researched for 25 years. Before Futurum, Nick was a Managing Analyst with S&P Global Market Intelligence, responsible for 451 Research’s coverage of Data, AI, Analytics, Information Security, and Risk. Nick became part of S&P Global through its 2019 acquisition of 451 Research, a pioneering analyst firm that Nick co-founded in 1999. He is a sought-after speaker and advisor, known for his expertise in the drivers of AI adoption, industry use cases, and the infrastructure behind its development and deployment. Nick also spent three years as a product marketing lead at Recommind (now part of OpenText), a machine learning-driven eDiscovery software company. Nick is based in London.
Mitch Ashley is VP and Practice Lead of Software Lifecycle Engineering for The Futurum Group. Mitch has over 30+ years of experience as an entrepreneur, industry analyst, product development, and IT leader, with expertise in software engineering, cybersecurity, DevOps, DevSecOps, cloud, and AI. As an entrepreneur, CTO, CIO, and head of engineering, Mitch led the creation of award-winning cybersecurity products utilized in the private and public sectors, including the U.S. Department of Defense and all military branches. Mitch also led managed PKI services for broadband, Wi-Fi, IoT, energy management and 5G industries, product certification test labs, an online SaaS (93m transactions annually), and the development of video-on-demand and Internet cable services, and a national broadband network.
Mitch shares his experiences as an analyst, keynote and conference speaker, panelist, host, moderator, and expert interviewer discussing CIO/CTO leadership, product and software development, DevOps, DevSecOps, containerization, container orchestration, AI/ML/GenAI, platform engineering, SRE, and cybersecurity. He publishes his research on futurumgroup.com and TechstrongResearch.com/resources. He hosts multiple award-winning video and podcast series, including DevOps Unbound, CISO Talk, and Techstrong Gang.
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
Keith Kirkpatrick is Research Director, Enterprise Software & Digital Workflows for The Futurum Group. Keith has over 25 years of experience in research, marketing, and consulting-based fields.
He has authored in-depth reports and market forecast studies covering artificial intelligence, biometrics, data analytics, robotics, high performance computing, and quantum computing, with a specific focus on the use of these technologies within large enterprise organizations and SMBs. He has also established strong working relationships with the international technology vendor community and is a frequent speaker at industry conferences and events.
In his career as a financial and technology journalist he has written for national and trade publications, including BusinessWeek, CNBC.com, Investment Dealers’ Digest, The Red Herring, The Communications of the ACM, and Mobile Computing & Communications, among others.
He is a member of the Association of Independent Information Professionals (AIIP).
Keith holds dual Bachelor of Arts degrees in Magazine Journalism and Sociology from Syracuse University.
