Microsoft Copilot for Security available

Effective April 1, 2024, Microsoft Copilot for Security, a generative AI solution for security experts, is available. Microsoft Copilot for Security (formerly introduced as Microsoft Security Copilot) is a cutting-edge security analysis tool, fueled by AI, that empowers analysts to swiftly address threats, process signals with machine-like efficiency, and evaluate risk exposure within minutes.

 

 

What is Copilot for Security?

With Copilot for Security, you can resolve incidents, get device info, view access policies, find user risks and much more. Just enter a prompt into the integrated Copilot for Security interface that can be found in various Microsoft security applications.

Copilot for Security offers its capabilities through both standalone and embedded experiences within various Microsoft security products. It operates on a foundation language model and proprietary Microsoft technologies, forming an integrated system.

Copilot for Security offers seamless integration with Microsoft security solutions (Microsoft Defender XDR, Microsoft Sentinel, and Microsoft Intune, Microsoft Defender Threat Intelligence, Microsoft Entra, Microsoft Purview and Microsoft Defender External Attack Surface Management). Embedded experiences within these solutions provide users with direct access to Copilot for Security.

Furthermore, plugins from Microsoft and third-party security products serve to extend and integrate services with Copilot for Security. These plugins enhance contextual understanding by incorporating data from event logs, alerts, incidents, and policies from both Microsoft security products and supported third-party solutions like ServiceNow.

Copilot for Security leverages threat intelligence and authoritative content through its plugins. These plugins enable searches across a wide array of sources, including Microsoft Defender Threat Intelligence articles and intel profiles, Microsoft Defender XDR threat analytics reports, and vulnerability disclosure publications, among others.

 

 

Scenarios for Copilot for Security

With Copilot for Security, security analysts enjoy swift, comprehensive help with scenarios, such as:

  • Incident response: Copilot for Security can swiftly summarize information about an incident by enhancing incident details with context from data sources, assess its impact, and provide guidance to analysts on how to take remediation steps with guided suggestions.
  • Security posture management: Copilot for Security provides information on events that might expose organizations to a known threat. Analysts are provided prescriptive guidance on how to protect against those potential vulnerabilities.
  • Security reporting: Copilot for Security can generate ready-to-share executive summaries or reports on security investigations, publicly disclosed vulnerabilities, or threat actors and their campaigns.

 

 

How does Copilot for Security work?

Here’s a breakdown of how Microsoft Copilot for Security operates:

  1. User prompts from a security product (e.g. Microsoft Defender XDR) are forwarded to Copilot for Security.
  2. Copilot for Security initiates pre-processing of the input prompt using a method called grounding. This enhances the specificity of the prompt, ensuring that the generated answers are relevant and actionable. To achieve this, Copilot for Security utilizes plugins for pre-processing before sending the refined prompt to the language model.
  3. Upon receiving the response from the language model, Copilot for Security proceeds with post-processing. This step involves accessing plugins to obtain contextualized information.
  4. Finally, Copilot for Security delivers the response, allowing the user to review and evaluate the provided information.

 

 

Licensing: Pay-as-You-Go licensing only

Microsoft Copilot for Security is licensed via pay-as-you-go. This flexible pricing approach ensures accessibility for a wide range of organizations, allowing them to scale usage and costs according to their needs and budget.

 

More information

You can read the official Microsoft announcement here: https://www.microsoft.com/en-us/security/blog/2024/03/13/microsoft-copilot-for-security-is-generally-available-on-april-1-2024-with-new-capabilities/.

For an explanatory video of Copilot for Security, please visit: https://www.youtube.com/watch?v=0lg_derTkaM.

For the product page of Copilot for Security, please visit: https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-copilot-security.

You can download the Randomized Controlled Trial for Copilot for Security Whitepaper here: SCHNEIDER IT MANAGEMENT 2024-04-01 Update Microsoft Copilot for Security study whitepaper

For our vendor page of Microsoft, please visit: https://www.schneider.im/software/microsoft.

Please contact us for free expert consultancy on your specific Microsoft software and online services requirements and to request a quote today.

Share article

LICENSING CONSULTANCY

Get Free Expert Software Licensing Consultancy For Your Organization