Replit gives professionals a secure place to build with AI. Replit Agent already protects your apps as you build by automatically scanning for vulnerabilities, and audits dependencies, before your projects are ever published. Before coding agents, a full pre-launch security review meant additional weeks of back-and-forth: coordinating with security engineers, reviewing reports, and manually fixing issues. Today, we are introducing Replit Security Agent, which lets you you complete a comprehensive security review of your app in under an hour. Security Agent acts on a customizable threat modeling plan to review your entire codebase. It also uses a unique hybrid approach, leveraging Semgrep and HoundDog.ai as tools to improve the accuracy of its findings. Daghan Atlas, Head of Product at Semgrep, shares: “The most effective security is the kind that works seamlessly. Replit's Security Agent is a great example of what's possible when you pair the contextual reasoning of LLMs with the determinism and program analysis capabilities of Semgrep. We're excited to see this combination in the hands of Replit's massive builder community.”

As AI agents increasingly work alongside humans across organizations, companies could be inadvertently opening a new attack surface. Insecure agents can be manipulated to access sensitive systems and proprietary data, increasing enterprise risk.

In some modern enterprises, non-human identities (NHI) are outpacing human identities, and that trend will explode with agentic AI. Solid governance and a fortified security foundation are therefore critical. 

According to the Deloitte AI Institute 2026 State of AI report, nearly 74% of companies plan to deploy agentic AI within two years. Yet only one in five (21%) reports having a mature model for governance of autonomous agents. Executives are most concerned with data privacy and security (73%); legal, intellectual property, and regulatory compliance (50%); followed closely by governance capabilities and oversight (46%).

Enterprises may not even realize they are treating agents within their environment as first-class citizens with the keys to the kingdom, creating looming blind spots and potential points of exposure. What is needed is a robust control plane that governs, observes, and secures how AI agents, as well as their tools and models, operate across the enterprise.

“A control plane is the shared, centralized layer governing who can run which agents, with which permissions, under which policies, and using which models and tools,” according to Andrew Rafla, principal, Deloitte Cyber Practice.

“Without a true control plane, you don’t really have the ability to scale agents autonomously—you just have unmanaged execution, and that comes with a lot of risk,” he says. “If you can’t answer what an agent did, on whose behalf, using what data, under what policy—and whether you can reproduce or stop it—you don’t have a functional control plane.”

Governance must make those answers obvious, not aspirational, he says. Governance is what turns AI pilots into production use cases. It’s the bridge that lets companies move from impressive experiments to safe, repeatable, enterprise-wide automation.

Without governance, agent deployments don’t fail safely. They fail unpredictably and at scale.

Download the article.

This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff. It was researched, designed, and written by human writers, editors, analysts, and illustrators. This includes the writing of surveys and collection of data for surveys. AI tools that may have been used were limited to secondary production processes that passed thorough human review.

Defense in Depth: How Replit Secures Every Layer of the Vibe Coding Stack Vibe coding is changing how software gets built. But as AI agents write more of our code, the question security teams are asking has shifted from "Can AI build this?" to "Can I trust what AI builds?". At Replit, we believe the answer has to be yes, not through blind faith, but through architecture. Every layer of the Replit infrastructure where customer code runs, from the development sandbox to the production deployment, is designed with defense in depth. The Replit platform itself, our control plane, is also implemented with these principles in mind. No single control is the last line of defense. Every layer assumes the one above it might fail. This post is a detailed walkthrough of how we think about security across the stack, written for the people who need to evaluate it: CISOs, security engineers, and teams considering Replit for production workloads. Zero Trust as a Foundation Replit adheres to Zero Trust Architecture principles across our internal infrastructure. Concretely, that means:

It is something you hear from folks about why they use artificial intelligence. Interestingly, it is the same thing people would say before this moment when you asked them why they don’t write. As I sit here on a Sunday afternoon, writing various fictional and non-fictional stories in my notebook, as well as running multiple Claude agents to crawl and produce machine-readable artifacts for thousands of different companies—you can really feel the extraction that occurs, leaving us without ideas.

I wouldn’t just blame AI here. TV has long been eroding our creativity since mid way through the last century. The Internet just personalized it. And AI is turning up the volume. We don’t have any ideas, because we have resorted to just being consumers, and we are in the business have having ideas. We’ve outsourced our need for ideas rather than seeing ourselves as the source of ideas. I’ve walked this line my whole life. I was a TV baby for sure. I was an early Internet adopter and believer. I have suffered chronically throughout my life at not being good at anything and not having any good ideas.

In 2010 I bought a lot of books, but never really read. Then I began writing. I fell in love with writing. I learned to need writing. It would take me another decade before I would fall back in love with reading. I now see reading and writing as essential. Not just to having ideas, but living. They are related. If I don’t have ideas, it is because I don’t read enough. If I don’t have ideas it is because I don’t write. This isn’t just about a single book or single story. This is about doing it in general. Having muscles. Having a desire to read and write. Hitting the wall with reading and writing. Getting back to it. Practicing, failing, succeeding. Just showing up and doing it regularly.

As I write this I am tending to 3 separate Claude agents. One is doing research, another is taking that research and updating a website, and a third is looking through the work I’ve done this week. I do all of this for my business Naftiko to understand how my clients operate, what they need, and where the gaps are. This story lives in Kin Lane, where we don’t use AI, but straddling the two worlds reveals very clearly for me why we don’t have ideas. Like I said before, this isn’t just AI. This is a social media, Internet, and television thing. We don’t have ideas because we’ve opted to not have ideas. We made that choice. We continue to make the choice each day.

When I started API Evangelist I barely had any ideas. I took me years to get to the point where I had a sustained flow of ideas, let alone any good ideas. I have had seasons on API Evangelist where I write 3-5 blog posts a day. Too many ideas (not possible). Even some of the unpolished ones are worth it because they contributed to more polished ones down the road. I also have seen the unintended side-effect of the process when I produce ideas I barely notice, but others see as gems. After reading this, I want you to know that if you find yourself in a moment where you don’t have any ideas—you have put yourself there. Go read. Go write. You’ll be fine.

AI has moved quickly from experimentation to production. Customers want measurable business outcomes, along with security, governance and responsible AI built in from day one. Microsoft partners are a meaningful differentiator to deliver these objectives. They turn ideas into deployable solutions by prioritizing the highest value use cases, building the right data and security foundations and establishing adoption and measurement capabilities so customers can run AI reliably in production.

Frontier Transformation is where AI becomes a repeatable, governed capability embedded into the flow of work, business processes and customer engagement. Customers are quickly moving from targeted pilots to operating AI at scale with a foundation built upon identity, data protection, compliance, monitoring and change management. As organizations expand from custom agents to agent-led processes, unified governance is essential so leaders can manage risk, track performance and scale with confidence.

Two essentials: Intelligence and Trust

Frontier Transformation depends on two essential elements: intelligence and trust. Customers want solutions grounded in their unique work intelligence, including their data, business context and operational realities. They also expect trust by design, with AI artifacts observable, managed and secured across the technology stack so they can deploy responsibly and scale with confidence.

A success framework for Frontier Transformation

Microsoft has developed a powerful framework for success as partners enable AI transformation for customers across all segments, industries and geographies:

1. Enriching employee experiences: enabling businesses to empower employees with world-class tools and capabilities to activate a thriving, productive workforce
2. Reinventing customer engagement: applying AI and agentic solutions to break through with customers, accelerate revenue growth, become more efficient at customer acquisition and deliver more personalized solutions
3. Reshaping business processes: redesigning workflows across the business, enhanced by AI and agentic capability
4. Bending the curve on innovation: AI acceleration is a powerful catalyst for business transformation and for addressing society’s biggest challenges — curing disease, addressing climate change and famine and other meaningful advancements

The “what” matters, and so does the “how.” Organizations that scale successfully put AI where people already work, enable innovation close to the business challenge and build observability at every layer so leaders can measure quality, govern risk and manage AI like a production system.

More than 90% of the Fortune 500 use Microsoft 365 Copilot, reflecting how quickly AI is becoming part of everyday work.(1) IDC predicts 1.3 billion agents in circulation by 2028(2) and 80% of the Fortune 500 are already using Microsoft agents, led by operationally complex industries like manufacturing, financial services and retail.(3) As customers move from piloting AI to agents embedded in their flow of work, governance and security need to scale with them.

Microsoft’s approach is straightforward: Copilot drives action in the flow of work, agents orchestrate workflows across systems and Microsoft Agent 365 provides a unified control plane designed to govern and secure agents at scale, with the same tools businesses use for employee administration, such as Microsoft admin center, Defender, Entra and Purview.

Partners are creating impact right now in three areas. First, agentic workflows that remove operational friction and orchestrate end-to-end work across operations, finance, supply chain and service. Second, Customer Zero maturity. Partners who adopt Copilot and agents internally build credibility and move faster because they have meaningful, real-world experiences that they translate into their go-to-market plans. Third, security as the foundation. There is no AI at scale without secure identity, protected data and strong governance.

Microsoft 365 E7 and Agent 365: The Frontier Suite

In March, Microsoft introduced Wave 3 of Microsoft 365 Copilot and announced Microsoft 365 E7: The Frontier Suite, with general availability of Microsoft 365 E7 and Microsoft Agent 365 on May 1, 2026.

Microsoft 365 E7 brings together Microsoft 365 E5 for secure productivity, Entra Suite for identity and access control, Microsoft 365 Copilot for AI in the flow of work and Agent 365 as the control plane to govern and scale agents. It is grounded in shared intelligence from Work IQ, the layer that brings together signals from the Microsoft 365 environment, including content, context and activity, so AI can operate with the right business grounding and policy awareness.

Microsoft Agent 365 provides a unified control plane for agents, enabling IT, security and business teams to observe, govern and secure agents across the organization. This applies to any agents an organization uses, whether they are built on Microsoft AI platforms, delivered by ecosystem partners or introduced through other technology stacks. It also applies the same security and compliance capabilities teams already rely on, including Microsoft Defender, Microsoft Entra and Microsoft Purview.

Some customer scenarios require custom agents. Microsoft Agent Factory is designed to accelerate the move from experimentation to execution. The Microsoft Agent Factory Pre-purchase Plan (P3) adds licensing flexibility across Copilot Studio, Microsoft Foundry, Fabric and GitHub, with tiered discounts intended to support broader adoption rather than isolated pilots. It also enables inclusion of tailored, role-based skilling at no additional cost to the customer, reducing adoption friction and increasing delivered value.

The opportunity for partners is end-to-end, and this is where the partner’s strategy really matters. Shifting from transaction-first to outcome-first, partners who iterate quickly, establish clear guardrails and build an operating rhythm for adoption move customers from interest to impact.

Over time, every organization will employ people who can direct and govern agents as part of daily work. Partners can make that capability real through packaged offers, change management and managed operations. Publishing those packaged offers in the Microsoft Marketplace adds a scalable route to market, improving discoverability and enabling a more repeatable buy-and-deploy motion as customers expand agent usage.

Partner success: What governed scale looks like in practice

“AI is at the forefront of everything we do. Through our ‘learn, use, create’ methodology and our AI Academy, we really support partners with learning paths.”
— Nicole Clark, Global Alliance Manager, Arrow Electronics

Partners are embracing Frontier Transformation by modernizing foundations, driving adoption, designing security into delivery and building agents that automate repeatable work and orchestrate business processes.

• Cognizant treated legacy automation as a platform modernization effort. Using Microsoft Power Platform, Copilot agents and governance frameworks, Cognizant migrated and modernized automation and scaled it across teams, consolidating platforms, lowering costs and reducing manual work through agent-led workflows.
• EPAM’s work with their customer Albert Heijn demonstrates what agent-first execution looks like in frontline scenarios. By delivering an employee-facing virtual assistant inside the retailer’s staff app, EPAM supported scenarios like restocking, onboarding and faster access to product and inventory information, with enterprise governance and observability in mind.
• Insight’s Flight Academy shows what it looks like to treat adoption as a program, not an announcement. Through a structured approach, Insight enables teams to build AI fluency in daily work and reinforces usage with practical learning and internal momentum that can scale beyond early enthusiasts.
• aCloud demonstrated a repeatable security pattern with their customer Jurong Engineering Limited (JEL) by bringing together Microsoft Purview, Microsoft Sentinel, Microsoft Defender XDR and Microsoft Security Copilot, paired with co-design workshops and cross-team alignment to strengthen compliance readiness.
• Arrow Electronics showed how distributor-led enablement can accelerate partner execution by using ArrowSphere to streamline Cloud Solution Provider (CSP) lifecycle management and ArrowSphere Assistant to surface AI-driven insights for renewals, upsell opportunities and Copilot adoption, complemented by a security dashboard that strengthens posture visibility and supports trust-by-design conversations.

Find more stories of partners innovating and driving meaningful outcomes for customers with Microsoft technology.

This same disciplined approach is especially relevant in the small and medium business space (SMB), where Microsoft partners offer end-to-end capability through managed services offerings and solutions packaged into repeatable motions, tailored to this customer segment.

SMB momentum: Scaling work with Copilots and agents

As Microsoft 365 Copilot Business expands AI built for work to organizations with fewer than 300 users, SMBs have a practical path to adopt AI more broadly. CSP partners are well positioned to guide that journey with a motion that combines adoption, security and ongoing management.

New Omdia research illustrates that CSP is a durable growth model for partners. In a study of 267 CSP partners across 36 countries, 79% rated CSP authorization as good, very good or excellent, and 88% would recommend it to other partners.(4) Omdia also found that 60% of CSP partner revenue is now tied to value-added services, with licensing acting as the entry point to broader, services-led engagements.(6)

“We’re bringing customers resources that only a partner can deliver to them: our relationship with Microsoft, technical training and programs that push them further and faster to learn technologies like Microsoft Copilot Studio, Foundry and Fabric.”
— Chance Weaver, Global VP of AI Adoption, Pax8

SMB demand is also expanding. For CSP partners, the near-term opportunity is to standardize advancing Copilot and agents from conversation to consumption. Lead with a simple, repeatable motion: outcome selection, security baseline, deployment, adoption and optimization cadence. Renewal moments are often the easiest time to introduce change when paired with a clear business case and time-bound offers.

A simple, scalable approach is to roll out in stages:

1. Deploy Microsoft 365 Copilot Business broadly, paired with a strong foundation of identity, data protection and compliance.
2. Target high-propensity accounts with tools such as Microsoft CloudAscent and the AI Business Solutions & Security Insights dashboard to deepen adoption and standardize responsible prompting.
3. Extend with agents to take on repeatable tasks and support key business processes, with governance and security built in.

Microsoft provides CSP partners with a powerful set of tools to combine licensing, lifecycle management and optimization into one customer relationship. Omdia notes that partners value operational advantages such as monthly billing flexibility and managing licenses through Partner Center for real-time provisioning and 24/7 license management. Partners can review the CSP incentives guide to understand the latest CSP incentives and how they map to an SMB motion.

Microsoft supports SMB-focused partners by combining product, security and go-to-market resources that make it easy to deliver a repeatable motion. That includes tools to assess readiness, prioritize the right use cases and track adoption over time, plus role-based skilling to build sales and technical and delivery confidence across Copilot, security and agents. For partners building managed services offerings, Microsoft Marketplace also provides a scalable route to market, improving discoverability and enabling customers to buy through familiar procurement paths, while Partner Center brings licensing and lifecycle management into the same operational flow.

Program momentum and updates

The Microsoft AI Cloud Partner Program continues to be the primary way we invest in partners as they build, sell and deliver cloud and AI solutions. Our focus is simple: enable partners to build capability, accelerate demand, differentiate in the market and scale repeatable delivery.

In February 2026, Microsoft introduced a wealth of expanded benefits updates across Copilot, security, Azure credits and go-to-market resources. These updates are designed to strengthen how partners run their business and accelerate the ability to take solutions to market. We continue to evolve partner benefits packages as a practical growth lever, combining product, support and advisory benefits so partners can invest with confidence.

To enable AI Transformation, Microsoft is introducing program updates and offers in the coming months. These updates are intended to enable partners, including services partners, channel partners and software companies, to build and deliver agents across the Frontier product stack. 

• Differentiation via Frontier Partner specialization: The Frontier Badge is evolving into a Frontier Partner specialization. This specialization differentiates partners, including services partners and channel partners, who demonstrate capabilities to build or deliver agents across Microsoft’s Frontier product stack. It creates a clear way for customers and Microsoft field sales teams to identify partners with validated readiness for agentic AI scenarios.
• Updated Frontier Distributor designation: Microsoft is evolving the Frontier Distributor designation to reflect distributor capabilities that matter for scaling agentic AI across the channel. For partners, this will make it easier to identify distributors that can deliver repeatable skilling, enablement to build and manage agents and Marketplace-backed motions to transact and grow agent sales.
• Benefits for software companies building AI apps and agents via App Accelerate: App Accelerate supports software companies building AI apps and agents on the Microsoft agent stack, with benefits designed to bring agentic solutions to market with strong foundations for trust.

Investments in skilling

This year we are investing in partner skilling that connects certification readiness to project-ready execution, with role-based experiences like Project Ready Workshops that translate skills into repeatable delivery practices. These learning experiences are delivered through our Partner Skilling Hub.

We are also introducing the Frontier Engineer Badge, a new learning path delivered through Titan Academy that prepares Solution Engineers and Solution Architects within the partners’ organization to design, build and operate production-ready agentic AI solutions across the Frontier Transformation stack, including Microsoft Copilot, Copilot Studio, Azure AI Foundry, GitHub Copilot, Microsoft Fabric and Agent 365.

The journey is hands-on by design and follows a three-part model: earn required certifications to establish a shared technical baseline, demonstrate delivery capability through Project Ready (building and integrating agents with governance, security and compliance) and build advanced readiness for operating at scale through governance, velocity and industry solution patterns. The outcome is clear: delivery-ready engineers who can move customers from prototypes to trusted, governed deployments.

Capturing the Marketplace opportunity

Marketplaces matter more in 2026 as customers consolidate procurement and expect faster time to value, especially as AI moves from pilots to production. With over 5,000 AI solutions available, Microsoft Marketplace increases discoverability for partner-built AI solutions, including agents, and supports a more repeatable buy-and-deploy motion through familiar procurement. It also makes it easy for partners to package multiparty software and services offers, so customers can purchase what they need to implement, govern and scale AI in production.

Omdia projects Microsoft Marketplace as a nearly $300 billion partner services opportunity by 2030. In the same study, partners selling through Marketplace reported go-to-market benefits, including faster sales cycles and larger deals, with 75% of study participants reporting faster closes and 69% reporting larger deals through Microsoft Marketplace.(5)

To accelerate demand generation and make it easy to activate these motions, we recently introduced Partner Marketing Center Pro, an AI-powered experience for end-to-end campaign creation. It brings campaign discovery, customization and co-branding, intelligent localization and translation, automated publishing and built-in reporting into one workflow, with an AI assistant that provides coaching throughout the process.

Partner Marketing Center Pro is a benefit of the Microsoft AI Cloud Partner Program available to partners who have purchased at least one partner benefits package, who have attained a Solutions Partner designation or who are currently enrolled in ISV Success.

Ways to engage now

Here are a few practical next steps partners can take to maximize their Microsoft investment:

Start by joining the Microsoft AI Cloud Partner Program.

• Plan to attend our annual sales kickoff for partners, virtually on Wednesday, July 22, 2026, to learn more about FY27 priorities and execution motions.
• Explore partner benefits packages and select the option that aligns to their growth plan.
• Pursue a Solutions Partner designation or specialization that matches their solution plays and customer demand.
• Visit the Partner Skilling Hub to find role-based learning resources.
• Launch an FY26 campaign focused on SMB, security, Copilot adoption or marketplace growth using Partner Marketing Center Pro.

Making Frontier Transformation real

Frontier Transformation is about building AI-powered operating capability grounded in intelligence and trust, and delivered consistently across industries, geographies and market segments. Partners make that real for customers by turning strategy into production-ready solutions, with governance, security and adoption built in from day one.

Microsoft is committed to partner success. We will continue investing in the Microsoft AI Cloud Partner Program, with the incentives, the skilling and the go-to-market capabilities that enable partners to build repeatable offers, increase discoverability and deliver trusted AI outcomes for customers at scale.

Nicole Dezen leads the Microsoft partner ecosystem and the Global Channel Partner Sales organization in Small, Medium Enterprises and Channel (SME&C). As Chief Partner Officer, she has grown the Microsoft partner ecosystem to become the largest in the industry, enabling more than 500,000 partners to deliver AI transformation to millions of customers in each segment around the world.

 

Footnotes

¹ Microsoft FY25 Third Quarter Earnings Conference Call, Microsoft, April 2025.
² IDC Info Snapshot, sponsored by Microsoft, 1.3 Billion AI Agents by 2028, #US53361825, May 2025.
³ Based on Microsoft first party telemetry measuring agents built with Microsoft Copilot Studio or Microsoft Agent Builder that were in use during the last 28 days of November 2025.
⁴ Omdia, Unlocking Growth Potential: Partner Perspectives on Microsoft CSP, December 2025. Results are not an endorsement of Microsoft. Any reliance on these results is at the third party’s own risk.
⁵ Microsoft estimate based on IDC data (SMB TAM: $777B by FY26; $1T+ by 2030), as published on the Microsoft Partner Blog, “The Microsoft Marketplace opportunity for channel ecosystem,” November 20, 2025.
⁶ Omdia, Partner Ecosystem Multiplier – The Microsoft Marketplace Opportunity, commissioned research sponsored by Microsoft, December 2025. Results are not an endorsement of Microsoft. Any reliance on these results is at the third party’s own risk.

Throughout this document, $ refers to USD.

 

 

 

 

The post Accelerating Frontier Transformation with Microsoft partners appeared first on The Official Microsoft Blog.