Pavan Davuluri

policy and so we're bringing new concepts to the table that allows security compliance and governance to be base constructs and how the platform primitives are being created in my mind that makes them a step function more secure more robust than even how apps are built today for instance in some places so that's the second big element for us the third one is this notion of user consent and to your point on privacy even with the use of agent connectors for example we are very much grounded with agent connectors and use of the windows on device registry

is a capability that we expose through user consent.

And so users are aware of what is happening.

They're in control.

They can choose to continue or not continue with a certain task.

And it's the same thing for Windows 11 today for client computing and for Windows 365 in the cloud.

In Windows 365 in the cloud, you can imagine the entire cloud PC is a session for an agent to use for computer use automation, for building tooling for another task, for infrastructure.

And we want to be able to make sure that Windows 365 instance

is a thing that enterprise customers, IT and policy and governance can completely audit, have complete visibility around, there's logs for it.

And so we think about these concepts fundamentally in how we build a product, but also how we roll them out to our customers as well.

Yes.

That's actually one of the important parts exactly with the MCP is the Windows on-device registry needs to be...

place that end users can trust as a set of connectors that are in the registry that they see as being trustworthy and reliable and can use.

But it's also, as a result, the responsibility of the Windows team for the connectors that we ourselves are building, that Windows and Microsoft are building, can model and represent how we want the ecosystem to look like.

And we have the abilities for making sure developers who want to be able to be part of that registry do comply to a set of requirements that in turn provide those guarantees of compliance and trust and security to our customers.

Correct.

Those are requirements to onboard into using the on-device registry.

I think the real guarantees with the on-device registry are on compliance and security and control and user consent.

but yes it's in a way it is a mechanism for us for both the developer to have peace of mind that the connectors that they are building are being used in a context that makes sense for their end users and for end users where these are new you know pieces of capabilities that they have a reliable mechanism both in terms of use and governance that we can we can deliver on i think part of the windows responsibility this is what we do in other spaces as well and so as we bring this new capability i think we are accountable for making sure we bring those capabilities

That's such a great question.