Microsoft open-sources Rampart and Clarity

Microsoft on May 20 released RAMPART and Clarity as open-source tools for developers building AI agents, putting security testing and design review earlier in the software workflow. The company said RAMPART is meant to turn red-team findings into repeatable tests, while Clarity is designed to help teams surface assumptions and failure modes before implementation. The release came as other companies pushed agentic AI deeper into finance and public-sector work, including OneStream’s general availability launch for finance agents and DEWA’s adoption of Microsoft 365 Copilot Cowork. Together, the announcements showed vendors focusing on controls, auditability and operational guardrails as agents move closer to business processes. ### What exactly did Microsoft release? Microsoft said RAMPART and Clarity were open-sourced on May 20 through its security organization. The company described RAMPART as a framework for writing and running safety and security tests for AI agents, including adversarial and benign cases, and said Clarity is intended to help engineers reason through goals, assumptions, risks and design choices before code is finalized. (microsoft.com) GitHub repositories tied to the release describe Clarity as software that can run as a desktop app, web interface or embedded coding tool, generating a repository of markdown files that records problem statements, decisions and failure analysis as a project evolves. That makes the tool part documentation layer, part design-check process. ### Why is Microsoft putting safety checks into the build process? (microsoft.com) Microsoft’s own description of the tools centers on agents that no longer just answer questions but also access email, files, messages and workflows. In that setting, the company said, safety work cannot stay limited to one-off red-team exercises at the end of a release cycle. (github.com) The Hacker News, citing Microsoft’s release, said RAMPART builds on earlier work including PyRIT and is aimed at prompt injection, unsafe behavior and other failure categories that can emerge when agents connect to outside tools and data. Petri and Redmondmag separately described the tools as a way to move security and validation earlier into CI-style engineering processes. (microsoft.com) ### How does this connect to what finance teams are doing? OneStream on May 19 announced the general availability of SensibleAI Agents and a Finance Agentic Layer at its Splash user conference in Orlando, Florida. The company said the new layer lets finance teams use Copilot, Claude, ChatGPT and Gemini against OneStream data while preserving permissions, business rules, audit trails and other controls. (thehackernews.com) Tom Shea, OneStream’s founder and chief executive, said generic AI tools lack the “financial context, logic, and governance required for financial decision-making.” Tony Surma, CTO of Microsoft Americas Enterprise Partner Solutions, said financial context and data governance are critical to outcomes “finance teams can trust.” (prnewswire.com) OneStream said its Finance Agentic Layer uses the Model Context Protocol, or MCP, to extend governed access to finance data beyond the OneStream platform. The company framed that as a way to let third-party agents work with finance systems without dropping the controls finance departments require. (prnewswire.com) ### What is Copilot Cowork, and why does DEWA matter here? Microsoft introduced Copilot Cowork in a March 9 blog post by Charles Lamanna, who said the product is designed to let Copilot turn requests into background tasks across Microsoft 365 while keeping users in control through checkpoints and approvals. Microsoft said Cowork draws on signals across Outlook, Teams, Excel and other Microsoft 365 services through its Work IQ layer. (prnewswire.com) DEWA said on May 20 that it had adopted Microsoft 365 Copilot Cowork, becoming the first government entity in the UAE to launch the initiative, according to reporting carried by WAM and surfaced by MSN. The adoption places agentic tools inside a named public-sector organization rather than a lab or pilot environment. (microsoft.com) ### What comes next? Microsoft’s next step is likely to play out in the open repositories for RAMPART and Clarity, where developers can inspect, use and contribute to the tools. OneStream said its generally available agents are already tied to Microsoft Office 365 and external AI systems, while Microsoft said Cowork continues to expand through its Frontier program. Those milestones put the next phase in product usage, integration and governance practice rather than in a single launch event. (msn.com) (github.com)