At the annual Microsoft Build developer conference, which kicked off today (Wednesday) at the Seattle Convention Center, Microsoft presented the next generation of development in the age of artificial intelligence. The company’s CEO and chairman, Satya Nadella, took the stage and unveiled the vision of the “Open Agentic Web” – an innovative space where autonomous AI agents operate, communicate, and carry out tasks on behalf of users, teams, and organizations.
Microsoft announced a range of new capabilities that revolutionize software development – simplifying the process of building intelligent and secure agents, accelerating scientific discoveries, and promoting open standards and collaborative infrastructure across platforms.
In addition, the company is launching broad updates that allow developers to work faster, think bigger, and build systems at an unprecedented scale – including a significant upgrade to GitHub Copilot, which for the first time becomes an independent code agent.
The term Open Agentic Web is a central component of Microsoft's vision for the new era: A web in which not only humans surf and take action – but also AI agents. Websites, apps, and services will open their information and capabilities so that intelligent agents can access, understand, and act through them for the benefit of users.
This infrastructure is based on open protocols like the Model Context Protocol (MCP) and enables a safe, transparent, and controlled environment for autonomous agent operation. Through the Open Agentic Web, Microsoft aims to create a space where AI agents operate alongside users, interact with information and systems – and carry out tasks more intelligently, accurately, and efficiently.
The conference also revealed a series of AI-powered software development innovations: From GitHub to Windows. GitHub Copilot is undergoing a fundamental transformation – from a simple code assistant to an autonomous development agent capable of running asynchronous tasks, conducting code reviews, understanding complex contexts, and performing automated testing and deployment. Furthermore, the new features are available as open source in VS Code, with options for enterprise customization. Windows AI Foundry offers a new platform for developing and running models on personal computers or in the cloud – including support for open models.
One of the most promising innovations unveiled as part of the agentic web vision is NLWeb, a new Microsoft project aimed at making websites accessible and comprehensible to AI agents through a natural language interface. Similar to what HTML did for the visual web, NLWeb is expected to allow intelligent agents to “read,” understand, and interact with websites – based on the data and models the site chooses to make available.
Any site that adopts the new standard can become an access point for digital agents, whether it involves content interaction, customer service, or knowledge-based actions. Each NLWeb point will also be defined as an MCP (Model Context Protocol) server, enabling agents not only to find supported sites but also to operate within them in a controlled, secure, and permission-based manner. Through NLWeb, Microsoft aims to create a new generation of websites – not just for visibility, but for action.
The company also presented new security solutions for developers of AI agents and applications. According to estimates, by 2025 about 70% of malicious attacks will focus on the early stages of development processes – a statistic highlighting the importance of implementing advanced protections from the very beginning of building AI solutions.
To address these challenges and enable customers to securely manage their AI environments, Microsoft announced several groundbreaking security developments, some of which were led by engineers from its Israeli development center. These include the development of new foundational capabilities in Azure AI Foundry for safe creation and management of AI agents and applications that can plan, act, and learn over time about the organization to drive business outcomes. Among the developments are:
Spotlight – as AI systems increasingly rely on external information sources, a new type of attack has emerged – indirect prompt injection attacks, where hidden malicious instructions are embedded in documents, emails, or online content, causing models to act without direct user prompts. These attacks are extremely difficult to detect and cannot be prevented using traditional methods. The new Spotlight feature, part of Azure AI Content Safety, strengthens the Prompt Shields defense mechanism and improves the ability to identify hidden hostile instructions.
Task Adherence – a mechanism that ensures task execution by agents and enables real-time evaluation of whether an agent’s behavior aligns with its assigned task, including capabilities for control, interruption, or escalation to human review.
Continuous Monitoring – ongoing evaluation and monitoring of AI agent systems via a dashboard to track key metrics such as performance, quality, safety, costs, and anomalies in real time.