General Availability of Enterprise AI Controls

GitHub is now offering Enterprise AI Controls and the agent control plane as production-ready features. This comprehensive governance suite equips enterprise administrators with deeper visibility and control over AI capabilities and agent usage across their environments, addressing the need to balance enabling AI capabilities with maintaining security and compliance standards.

Key Features for Administrators

AI Administrator Role & Workspace: Enterprises can now delegate AI governance to dedicated teams through a custom enterprise role with fine-grained permissions. The consolidated AI Controls interface provides a single administrative hub for managing agent systems, viewing audit logs, and monitoring session activity.

Agent Activity Visibility: Full audit logging now captures agent actions with clear attribution, including an actor_is_agent identifier alongside user and user_id fields. New agent_session.task events track session lifecycle (started, finished, failed), while administrators can view cloud agent session activity from the last 24 hours. Search and filtering capabilities allow discovery of agent activity by specific agents or third-party integrations, with usage tracking at the organization level.

Custom Agent Standards & Policies: Organizations can establish enterprise-wide custom agent definitions with API support for programmatic application. A one-click push rule protects custom agent files (.github/agents/*.md) from unauthorized edits at scale. The AI Controls tab in enterprise settings consolidates all AI-related policies, with the previous Copilot policies interface fully deprecated.

What's New in This Release

The general availability update includes expanded discovery and management capabilities:

• Extended Session Visibility: Cloud agent session activity now exceeds the previous 1,000-record limit, providing complete visibility into all sessions from the last 24 hours
• Enterprise Agent Definitions API: REST API support for managing custom agent definitions across the enterprise via .github-private/agents/*.md repository paths
• Improved Audit Log Filtering: Pre-filtered audit logs for Copilot and third-party agents for faster discovery and analysis

Note: MCP (Model Context Protocol) enterprise allowlists remain in public preview; all other AI Controls features are generally available.

Looking Ahead

GitHub plans to expand this release with comprehensive session activity coverage for VS Code and Copilot CLI clients, programmatic access to agent activity data, granular policy controls with full API coverage, and enhanced MCP governance options.