Security for AI and Agent Augmented Coding on Windows | OD853
Klorida Miraj and Nazmus Sakib explain how Windows can provide OS-level security and governance for AI agent and agent-augmented coding workflows, using examples like sandboxing in GitHub CLI. The session focuses on containment, detection/response, and identity models to move agents from experiments to production safely.
Overview
This Microsoft Build 2026 session covers security considerations for agentic software on Windows, with an emphasis on how OS-level capabilities can help developers run AI agents with clearer execution boundaries and reduced privilege.
Windows and the rise of agentic software
- AI agents are positioned as a new application model that can take actions on behalf of users.
- The session frames Windows as a platform that can provide built-in:
  - Security
  - Observability
  - Manageability
Example: collaborative agent building and “agent terrarium”
- The speakers reference an “agent terrarium” example to illustrate collaborative agent development.
- A concrete example mentioned is sandboxing in GitHub CLI, used to demonstrate safer execution patterns.
Understanding agent risks
- Key risks highlighted:
  - Non-determinism (agents may behave unpredictably)
  - The need for explicit execution boundaries (clear separation of what an agent can and cannot do)
Governance foundations for agents
The session organizes agent governance around four pillars:
- Containment
- Detection
- Identity
- Trust
Containment and the Microsoft Execution Containers SDK (MXC)
- The speakers introduce containment as a core control for running agents safely.
- They reference the Microsoft Execution Containers SDK (MXC) as part of the containment story.
Containment spectrum
The session describes a range of containment options, including:
- Micro-VMs
- Process sandboxing
- Cloud VMs
Detection and response
- The session discusses detection and response using Microsoft Defender.
- It also mentions local capability discovery, that is, establishing what an agent is able to do on a device, as part of understanding and responding to agent behavior there.
Agent identity models and Entra integration
- The speakers cover identity models for agents.
- They reference Microsoft Entra integration for secure authentication, positioning identity as a key part of governable agent execution.
Conclusion: unified agent governance
- The session closes by tying containment, detection, identity, and trust into a unified governance approach.
- It includes a call to action aimed at developers moving agent scenarios from experimentation into production while maintaining security and developer velocity.