Public documentation for governed AI labor
SDKs/Governance/Connectors
Arx / Docs / ARXsec + Microsoft Agent Governance Toolkit: Complete Governance for Enterprise Security Agents

Documentation

ARXsec + Microsoft Agent Governance Toolkit: Complete Governance for Enterprise Security Agents

Project-Agent / blog/arxsec-microsoft-governance-integration.md

Project-Agent market blog/arxsec-microsoft-governance-integration.md

*April 12, 2026*

---

Ten days ago, Microsoft open-sourced the Agent Governance Toolkit — a seven-package framework for securing autonomous AI agents at runtime. It covers all 10 OWASP Agentic AI risks, delivers sub-millisecond policy enforcement, and supports LangChain, AutoGen, OpenAI Agents SDK, and more.

We built native integration the same week.

This post explains why that matters for CISOs, how the two platforms complement each other, and what the integration actually does.

---

The Problem Neither Solves Alone

Microsoft's toolkit is exceptional at governing how agents behave — runtime policy enforcement, cryptographic identity, execution sandboxing, compliance attestation. If you're building agents on Azure or using Microsoft's agent frameworks, it's the right foundation.

But enterprise security agents don't just talk to Microsoft services. They talk to CrowdStrike. Splunk. Okta. Palo Alto. ServiceNow. The agent that triages detections pulls from CrowdStrike, creates tickets in Jira, sends alerts to Slack, and might isolate a host through Palo Alto — all in one workflow.

Microsoft's toolkit governs the agent runtime. ARXsec governs what the agent touches.

Together, they answer every question a CISO will ask:

| Question | Microsoft AGT | ARXsec | |----------|---------------|--------| | Is the agent's identity verified? | Yes — Agent Trust | — | | Is the agent sandboxed at runtime? | Yes — Agent Supervisor | — | | What security tools can this agent call? | — | Yes — Declared Intent | | Can this agent read CrowdStrike but not write? | — | Yes — Policy Engine | | Did anyone approve the containment action? | — | Yes — Human-in-the-Loop | | Can I get a SOC 2 report for this agent? | Partial — Agent Compliance | Yes — Compliance Package | | Is the agent drifting from its declared scope? | — | Yes — Drift Detection |

Neither platform alone covers the full governance story. Combined, they do.

---

What the Integration Does

ARXsec's Microsoft Governance connector enables bidirectional data flow between the two platforms:

1. Policy Sync

Import Microsoft governance policies into ARXsec. Export ARXsec's per-connector permission rules to Microsoft's policy format. An agent governed by both systems gets the strictest enforcement from either side.

```python

Import Microsoft policies into ARXsec

ms_policies = await arx.microsoft_governance().import_policies()

Evaluate an action against Microsoft's policy engine

result = await arx.microsoft_governance().evaluate_action( agent_id="triage-agent", tool="crowdstrike", action="hosts:write", params={"ids": ["PROD-DB-01"]} )

result: {"decision": "deny", "reason": "high_risk_action", "score": 0.94}

```

2. Unified Audit Trail

Microsoft's toolkit logs agent runtime events. ARXsec logs every connector call, policy verdict, and approval decision. The integration pushes ARXsec audit entries to Microsoft's compliance trail — so the CISO sees one unified audit across both systems.

```python

Push ARXsec audit event to Microsoft compliance

await arx.microsoft_governance().push_audit_event({ "agent_id": "triage-agent", "action": "connector.called", "connector": "crowdstrike", "operation": "detections:read", "verdict": "PERMIT", "risk_score": 15, "timestamp": "2026-04-12T00:00:00Z" }) ```

3. Agent Inventory Sync

Microsoft-managed agents appear in ARXsec's Agent Registry alongside non-Microsoft agents. The CISO sees everything from one screen — which agents exist, what they can access, who owns them, when they last ran.

4. Trust Score Integration

Microsoft's Agent Trust package provides cryptographic identity verification and trust scoring. ARXsec can read these scores and factor them into risk calculations — a low-trust agent gets higher risk scores and stricter policy enforcement.

5. Compliance Data Exchange

Microsoft's Agent Compliance package maps agent behavior to EU AI Act, HIPAA, and SOC 2. ARXsec's Compliance Package Generator produces SOC 2 evidence, data flow diagrams, and vendor security questionnaires. The integration merges both — Microsoft provides runtime attestation, ARXsec provides connector-level evidence.

---

How It Works Architecturally

`` ┌─────────────────────────┐ │ Enterprise Agent │ │ (LangChain, AutoGen, │ │ OpenAI Agents, etc.) │ └───────────┬─────────────┘ │ ┌───────────▼─────────────┐ │ Microsoft AGT Runtime │ │ ├─ Agent OS (policy) │ │ ├─ Agent Trust (identity)│ │ └─ Agent Supervisor │ │ (sandbox/isolation) │ └───────────┬─────────────┘ │ ┌───────────▼─────────────┐ │ ARXsec Platform │ │ ├─ Connector Gateway │──▶ CrowdStrike │ │ (101+ connectors) │──▶ Splunk │ ├─ Policy Engine │──▶ Okta │ │ (declared intent + │──▶ Jira │ │ per-connector rules) │──▶ Slack │ ├─ Audit Trail │──▶ PagerDuty │ ├─ Human-in-the-Loop │──▶ ... │ └─ Compliance Engine │ └─────────────────────────┘ ``

Microsoft governs the agent runtime. ARXsec governs the tool access layer. The integration syncs policies, audit, and compliance between them.

---

Why This Matters for CISOs

The Question the Board is About to Ask

*"What AI agents are running in our security environment, what can they access, and can you prove they followed the rules?"*

With ARXsec + Microsoft Agent Governance Toolkit, the answer is:

  • What's running: Agent Registry shows every agent — Microsoft-managed and custom-built
  • What they access: ARXsec tracks every connector call across 101+ security tools
  • The rules: Microsoft AGT enforces runtime policies; ARXsec enforces tool-access policies
  • Proof: Unified audit trail spanning both platforms, exportable to any SIEM
  • Compliance: SOC 2 evidence generated from actual runtime behavior, not documentation

No Custom Integration Work

The Microsoft Governance connector is native to ARXsec — same pattern as every other connector. Configure it in the dashboard, enter your AGT endpoint URL, and the sync starts. No code. No middleware. No consulting engagement.

---

Getting Started

  1. Deploy Microsoft AGTpip install agent-governance[full] or deploy via Azure Container Apps
  2. Configure in ARXsec — Dashboard > Connectors > Microsoft Agent Governance Toolkit > Enter AGT URL
  3. Sync policies — Import Microsoft policies, merge with ARXsec rules
  4. Enable audit push — ARXsec audit events flow to Microsoft compliance
  5. View unified registry — All agents visible in one dashboard

---

What's Next

We're working on deeper integration with specific AGT packages:

  • Agent Mesh integration — govern multi-agent communication across ARXsec-managed connectors
  • Agent Compliance bidirectional — feed ARXsec compliance data into Microsoft's EU AI Act mapping
  • Agent Trust as risk signal — low-trust agents automatically get stricter ARXsec policies

The goal is simple: no matter where your agents run or what they touch, one governance layer covers everything.

---

*ARXsec is the compliance-native infrastructure platform for enterprise AI agents. 101+ native connectors. Real-time policy enforcement. Human-in-the-loop approval gates. One-click SOC 2 compliance packages.*

*Request Early Access*