Share with your CTO
Workday is betting that the next competitive moat in enterprise software isn’t the application itself but the developer platform surrounding it. At DevCon, the company unveiled three new capabilities inside Workday Build: Developer Agent, which lets developers describe what they want in plain language inside tools like Cursor or Claude Code and get a working Workday agent back; Agent-Ready Tools, a new class of MCP-connected enterprise connectors purpose-built for autonomous agents acting on HR and finance data; and Agent Passport, a continuous compliance verification layer backed initially by Cisco. General availability is projected for the second half of 2026.
What this means for your business
The story here isn’t primarily about Workday’s own AI agents. It’s about who controls the development surface when enterprises start building custom agents on top of their systems of record. If your team is already using agentic coding tools and your HR and finance data lives in Workday, the question this announcement forces is whether you build inside Workday’s governed rails or try to wire something together externally, accepting the data quality and compliance risks that come with it. Companies with one or two developers managing Workday customizations, like Waste Connections cited in the release, stand to gain the most immediately. Companies with mature internal platforms teams will want to stress-test whether Agent-Ready Tools replace or just duplicate their existing integration architecture.
The MCP angle deserves scrutiny. Model Context Protocol is an open standard for giving AI agents structured access to external tools and data sources, essentially a universal plug format so agents don’t need custom wiring for every system they touch. Workday’s decision to route Agent-Ready Tools through MCP rather than a proprietary connector layer is a genuine architectural concession to openness. But “open standard” and “controlled guardrail” are in permanent tension. Workday’s security and delegation model rides along automatically when an agent uses these tools, which is the right call for payroll and ledger data, and also the mechanism by which Workday stays in the critical path for every agent action touching its platform. Openness at the protocol layer, stickiness at the governance layer.
Agent Passport is the piece most CTOs should watch most carefully, because it externalizes a problem that has quietly been killing enterprise AI pilots: nobody trusted the agent. Having Cisco provide third-party attestation against OWASP LLM Top 10 and NIST AI RMF gives compliance and legal teams a paper trail they can actually reference, which is what moves agents from sandbox to production in regulated industries. The falsification condition here is simple: if Agent Passport stamps become checkbox theater rather than live continuous monitoring, the governance value collapses and the feature becomes a sales slide. Whether Cisco’s attestation methodology holds up to that bar is the question worth asking before you build your deployment roadmap around it.
Concept deep-dive: Model Context Protocol (MCP)
MCP is an open standard, originally developed by Anthropic, that gives AI agents a consistent way to discover and call external tools and data sources, similar to how USB standardized device connections so manufacturers stopped inventing proprietary ports. Before MCP, connecting an agent to an enterprise system required custom integration work for every pairing. With MCP, a compliant agent can interrogate what tools are available and call them through a shared interface. The business implication is that MCP-ready platforms become easier to plug into any agent, which raises the stakes for who sets the governance terms at that connection point.
Based on reporting from Workday Launches New Tools for Developers to Build, Connect, and Verify AI Agents For HR, Finance, and IT, originally published 2026-06-02 03:00:00.
