What Microsoft Announced at Build 2026
Project Solara is a chip-to-cloud software platform for agent-first devices — hardware that runs AI agents instead of applications. Steven Bathiche, CVP and Technical Fellow in Microsoft’s Applied Sciences Group, framed the stakes in Microsoft’s announcement: “The next platform shift is from apps to agents — from software you open to intelligence you invoke.”
The platform skips Windows entirely. Solara runs on MDEP, the Microsoft Device Ecosystem Platform, which Microsoft describes as “an enterprise-grade operating system built on AOSP” — the Android Open Source Project. Microsoft chose Android’s open-source foundation over its own flagship OS for the agent-first stack, a choice that signals how cleanly the company wanted to break from app-era assumptions.
Two reference devices make the idea concrete. The first is a wearable badge designed for field workers: a Qualcomm wearable chip, a touchscreen, fingerprint authentication through Hello for Business, a far-field microphone array, a side camera, and 5G, WiFi, and Bluetooth. The second is a desk hub built on MediaTek IoT silicon that signs you in with facial recognition, senses presence through UWB, and becomes a Windows 365 cloud-PC client when a monitor is attached.
This has moved past the concept stage. AccuWeather, Best Buy, CVS Health, Levi’s, and Target are expected to begin pilots, and hundreds of Microsoft employees already test internal concepts — a Priority Agent that surfaces tasks by context, and a Facilitator that transcribes meetings and detects action items.
The App Was the Unit of Control
Computing has been governed through the application for fifty years. When an organization asks what happened on a machine, the answer comes back in app-shaped facts: which application ran, which user initiated the action, and what permissions the application held. Those three facts anchor nearly every control an enterprise operates.
Look at where enforcement lives today. Permission models grant camera, location, and file access to a specific app. App review evaluates a fixed binary before a store distributes it. Mobile device management — Intune included — decides which applications may be installed on which devices. Allowlists, code signing, software audits: each one names an application as its subject. The app is the noun in every governance sentence.
The model worked because the application held still. A reviewed binary behaves tomorrow the way it behaved in review. Permissions granted at install time still describe the software a year later. Control attached to the app was control over behavior, because the app and its behavior were the same thing.
Agents Break the App-Shaped Permission Model
An application does what it was programmed to do. An agent decides what to do. The entire app-shaped control stack rests on the first property, and Solara is built around the second.
Consider the platform’s own mechanics. An agent dispatcher and an agent task manager surface relevant agents based on context, so which agent handles a request is itself a runtime decision. Bathiche is explicit that “there will not be a single dominant agent.” Devices run multiple agents at once with a coordination layer; Microsoft 365 Copilot is offered, and the platform is designed for third-party agents. The actor on the device is plural, contextual, and chosen moment to moment — agents coordinate across tools and services to finish a single task.
Just-in-time UI removes the last fixed artifact. Agents generate adaptive interfaces that reflow across screen sizes, in some cases generating new UI on the fly, so that “the same agent [can] render a custom experience on multiple screen sizes with little or no additional work from the developer.” The screen a field worker taps to approve an action may have existed for three seconds. There is no interface to screenshot for the compliance binder.
Now trace what an app-era control would attach to. Review which binary? Grant permissions to which interface? Allowlist which of the agents the dispatcher might choose? The badge and the hub are simply new execution surfaces, and what acts on them has no fixed shape to review, sign, or inventory. The governed object dissolves.
Governance Must Follow the Agent
Organizations that deploy agent-first devices will need answers to four questions, and none of them is app-shaped. What can this agent decide autonomously? Which actions require human approval? Which policies travel with the agent as it moves across the badge, the desk hub, and the cloud? And when something goes wrong, how is the agent’s decision audited after the fact?
Microsoft ships real infrastructure for part of this. Entra ID handles identity. Intune handles device management. The hardware carries a physical microphone mute and listening indicators. Microsoft states that “enterprise manageability, identity, security, privacy, and user control are not afterthoughts. They are part of Project Solara’s foundation.” All of that governs the device and the user. Identity tells you who the agent acted as; device management tells you which hardware it ran on. The agent’s decisions — what it chose to do, with which tools, on whose behalf — remain the unconstrained part.
Closing that gap means policy that travels to wherever the agent acts. The industry has already met this problem once: the governance perimeter is moving to the endpoint, and agent-first hardware moves it again. Governance propagation — the property that a decision made once reaches every surface where work happens — becomes the control plane itself.
| Dimension | App-centric era | Agent-centric era |
|---|---|---|
| Unit of control | Application | Agent |
| Permissions attach to | Installed software | Portable policy |
| Interface | Fixed app UI | Generated just-in-time |
| Audit question | Which app did the user open? | Why did the agent act? |
The left column is what current tooling governs well. The right column is what the next audit will ask about.
Every Platform Wave Grows a Governance Layer
Platform shifts grow their control layers after the fact, on a schedule you can almost set a watch by. Cloud shipped first and grew security and compliance tooling once enterprises arrived. CI/CD made deployment continuous and grew observability to watch what it shipped. Data platforms scaled analytics and grew lineage and cataloging when nobody could say where a number came from. Agent platforms will grow governance and verification the same way, for the same reason: enterprises adopt the platform first and discover the missing layer the first time an auditor asks a question the platform cannot answer.
That is why Solara’s fate as hardware is almost beside the point. Maybe the badge ships in volume; maybe the desk hub joins the museum of ambitious reference designs. The direction survives either outcome. Microsoft built a new OS stack so agents could be the primary computing abstraction, and OpenAI is reportedly building an agent phone on the same Qualcomm silicon, per Build 2026 press coverage. Days earlier, Microsoft previewed Execution Containers, OS-enforced isolation for agents on Windows. Each move treats the agent as the thing the platform exists to run.
When platform companies redesign hardware around agents, the open question is no longer adoption. It is who supplies the governance layer the wave always grows — and whether your policies are portable enough to live in it.
What This Means for Engineering Teams Today
Software delivery is already living the post-app shift. Coding agents act across IDEs, CI pipelines, cloud sandboxes, and now hardware like the Solara badge — the same agent identity can touch a repository from four different surfaces in one afternoon. Managed agent runtimes make the pattern explicit: the agent moves, and the platform it moves through keeps changing.
Policies that survive that movement share three properties. They are portable, traveling with the work wherever the work happens. They are repo-native, versioned next to the code they govern, so any agent on any surface can retrieve them. And they are deterministic — model-independent, producing the same verdict for the same change regardless of which model, harness, or device produced it. A policy locked inside one vendor’s platform stops at that platform’s edge, and Solara just demonstrated how fast new edges appear.
That is the durable lesson inside Microsoft’s announcement. The app held our governance for fifty years because it was the stable object in the system. The stable object now is the decision — the architectural choice, the policy, the approval — and governance has to attach to decisions and changes, enforced wherever the agent happens to be running. Solara just gave that requirement a body: a badge, a desk hub, and five pilot companies.