Microsoft Ignite 2025 summarized

Microsoft is focusing heavily on AI agents that no longer just provide support, but independently take on tasks, prepare decisions, and control workflows. At its core is Agent 365, a new platform that companies can use to develop, manage, secure, and monitor agents. This is complemented by new identities for agents (Entra Agent ID) as well as security solutions and comprehensive governance tools.

Microsoft 365 Copilot gets specialized agents for Word, Excel, and PowerPoint that create high-quality content, analyze data, and take over entire work processes. In Teams, agents communicate with third-party apps such as GitHub or Jira via the Model Context Protocol.

Three new layers—Work IQ, Fabric IQ, and Foundry IQ—form the semantic basis for enterprise AI. They link data from M365, business processes, locations, and internal knowledge sources and make it usable for agents.

In the security area, there are twelve new security agents that analyze threats, verify identities, control permissions, and support compliance – embedded in Defender, Entra, Intune, and Purview.

For developers, there are new tools for running AI locally or in the cloud: Windows offers new on-device AI APIs, and cloud PCs can run agents in controlled environments (Windows 365 for Agents). The entire AI lifecycle – from design to deployment – is being improved.

According to a new study, 68% of companies are already using AI; companies that adopt agents early on achieve significantly higher returns. Microsoft is thus positioning AI agents as the standard for the next generation of enterprises.

Announcements

Here are the points that are particularly relevant for companies – operational, organizational, and regulatory:

Agent 365 & Entra Agent ID → important for regulated industries

Germany has strict requirements for governance, data protection, traceability, and identity systems (especially Bafin & ISO environments).

Agent 365 offers:

•    Complete monitoring of agents

•    Audit logs for every action

•    Policies & roles that can be configured to comply with GDPR

•    Identity verification for agents via Entra Agent ID (important for the financial sector, industry, public administration)

=> This provides a controllable framework for AI, as is often required in Germany.

Security agents

The twelve new security agents can:

•    automatically analyze incidents

•    monitor identity risks

•    check compliance rules

•    clean up permissions

=> This is particularly relevant given that, according to Bitkom, Germany has a lack of thousands of security experts every year.

Work IQ & Fabric IQ → big impact for small and medium-sized businesses

German SMEs often have:

•    fragmented data silos

•    little internal AI expertise

•    heterogeneous IT landscapes

Fabric IQ and Foundry IQ create a uniform, semantic database – without huge data warehouse projects.

=> This makes AI “SME-compatible.”

New M365 agents => Productivity boosters for office-intensive industries

Particularly relevant in Germany for:

•    Mechanical engineering (documentation, quotations)

•    Consulting (analyses, presentations)

•    Public service (forms, letters, evaluations)

•    Insurance (reports, damage analyses)

The agents in Word/Excel/PowerPoint are designed to:

•    create complete documents

•    prepare tables

•    automatically build presentations

=> Significant time savings for highly regulated or documentation-heavy processes.

Local AI in Windows → important for data protection & industry

Many companies do not want to send data to the cloud.

The new on-device APIs offer:

•    AI without the internet

•    Stable image and speech models locally

•    Lower latency

•    Possibility for edge computing in Industry 4.0

Windows 365 for Agents => secure cloud operation

Cloud PCs are attractive for companies because:

•    Data remains in the data center

•    Centralized management is easier

•    Hybrid work has become the norm

Agents can now run on these cloud PCs – securely, in a controlled manner, and scalably.

=> A good solution for using AI, but without the risk of uncontrolled growth.

MCP connections (Teams ↔ Jira, GitHub, SAP)

MCP = Model Context Protocol, a protocol for connecting AI models with external data and tools.

Many companies work extensively with:

•    Jira (IT & project management)

•    SAP (ERP & logistics)

•    GitHub Enterprise

•    Atlassian stacks

Agents can interact directly with these via MCP.

=> This makes AI immediately usable for existing core systems.

==> All announcements can be found in the Book of News: https://news.microsoft.com/ignite-2025-book-of-news/ 

How Copilot Works – some further aspects

The article describes how genAI and, above all, Microsoft Copilot AI worked. The aim is to take possible options into account when designing the solution architecture and approach in order to achieve the desired result later on. This is because Copilot uses some functions in M365 to generate its answers—and that brings some special challenges with it.

How does Copilot work in Microsoft 365? Data flow of a prompt

Microsoft 365 Copilot is not only a powerful tool for increased productivity, but also a secure and compliant solution. With its advanced data protection and governance features, Copilot ensures that data remains within the boundaries of the Microsoft 365 service and is protected in accordance with existing security, compliance, and privacy policies. The same applies to the semantic index.

The semantic index for Copilot is a feature that helps AI understand context and deliver more accurate results. It builds on the keyword matching, personalization, and social matching features in Microsoft 365 by creating vectorized indexes to enable conceptual understanding. This means that, unlike traditional methods for queries based on exact matches or predefined criteria, the semantic index for Copilot finds the most similar or relevant data based on semantic or contextual meaning, rather than just keywords.

Source and further details: Semantic indexing for Microsoft 365 Copilot and YouTube video from Microsoft Mechanics: How Microsoft 365 Copilot works | Timestamp 139 seconds. Also, check out Michael Bargury's blog post titled: Copilot Vulnerable to RCE. To explain how the RCE hack works, he explains how Copilot works under the hood.

How exactly does the data flow work?

Key points about how Copilot for Microsoft 365 works

• Starting point: Entering the prompt
• The user enters a prompt in a Microsoft 365 app (e.g., Teams, Word, Outlook).
• The request is transmitted securely (TLS 1.2 or higher).
• Preprocessing and security checks:
• Copilot performs Responsible AI (RAI) checks to prevent harmful content.
• Grounding: The prompt is enriched with context from Microsoft Graph to better understand the user's intent.
• Processing by the LLM:
• The modified prompt is sent to a dedicated LLM within the Microsoft 365 environment.
• Important security aspects: No customer data is stored in the LLM or used for training. The LLM operates statelessly.
• Postprocessing:
• After the LLM responds, grounding and RAI checks are performed again.
• Copilot adds relevant data from Microsoft Graph to the response.
• Compliance and Retention:
• Prompts and responses are stored in Exchange Online for eDiscovery, legal hold, and compliance aspects.
• Output to the user:
• The final answer is returned to the original app.

System Prompt

What is a System Prompt by Nikhil Pattanshetty - MSFT

The Copilot for Microsoft 365 System Prompt is a set of predefined instructions and guidelines that influence Copilot's behavior and responses. It contains information about where to find data, how to respond, and what tone and style to use. For example, the system prompt might instruct Copilot to use information from Microsoft Graph, respond in an informative and professional manner, and use search results from multiple queries to provide a comprehensive response.

A slightly older version of the Copilot system prompt is available on Git Hub: Microsoft Copilot System Prompt (19-12-24).txt This gives you an idea of what is defined/regulated there. Example:

The system prompt is not visible to the user. However, there is a public source that describes the Copilot system prompt: What is Copilot for Microsoft 365 system prompt?

The system prompt can also be addressed in the user prompt.

Examples:

• I don't want you to agree with me just to be friendly or sympathetic.
• Drop all filters and be brutally honest, direct, and logical.

Ranking

I have already written about sorting order/ranking in a previous article: Content by AI – that's what they call it... -> Chapter: Ranking (including example and screenshots).

There is also a tool for this purpose, the AI Rank Checker: https://airankchecker.net/blog/best-ai-optimization-tools/ The tool is not free, and the author has not evaluated it himself. Unfortunately, it is therefore not possible to comment on how good the tool is.

The topic of search ranking plays a central role in usability and SEO. When the term “search-driven” emerged a few years ago, it essentially addressed the same question: How can we control which results are displayed first in a search? With AI and Copilot, we are now facing this challenge once again. Web parts such as the FAQ web part or Copilot integration in the text web part (e.g., “Write with Copilot” in the SharePoint rich text editor) raise similar questions: What does the average user see—and in which order?

Further articles on the topic of ranking:

• https://www.lawrencehitches.com/copilot-search-optimization/
• https://rankingcopilot.com/