Starting April 1st, Microsoft will make its Copilot for Security available to all business users. This AI tool is designed to assist cybersecurity professionals by enhancing their ability to detect threats more accurately. Developed from an extensive dataset comprising over 78 trillion security alerts processed by Microsoft, this artificial intelligence system aims to be the go-to assistant for IT and security experts.
Currently exclusive to a select group of Microsoft clients, Copilot for Security will soon be accessible to all enterprises. Early trials indicate significant benefits; IT teams using the tool have reported working 22% faster and achieving a 7% increase in task accuracy. An overwhelming 97% of testers expressed a desire to continue using it for cybersecurity tasks.
Copilot for Security serves various functions. It can propose actions to resolve cyber incidents, offer insights on specific devices, and suggest policies for adequate protection. It also enables users to verify and create system access policies.
New features of Microsoft Copilot for Security include:
Customizable Promptbooks allowing users to create and save useful natural language prompts.
Integration with Knowledgebase, facilitating the incorporation of Copilot for Security into business logic and processes for customized tasks.
Connection to a company’s unique external attack surface via Defender EASM, helping manage and secure it by identifying and analyzing the latest risk information.
Microsoft Entra’s access and diagnostic logs offer further insights for security investigations and IT issue analyses with audit logs summarized in natural language.
Usage reports provide insights into how teams are utilizing Copilot, identifying opportunities for further optimization.
Microsoft’s cybersecurity copilot can be accessed through a dedicated portal or directly within Microsoft applications. For example, in Microsoft Entra, it assists experts in preventing identity thefts or compromises by assessing user risk levels. Integrated into Microsoft Purview, it summarizes key security alerts and provides insights for deeper incident analysis. Copilot is also queryable within the Microsoft Defender portal, complementing SIEM and XDR functionalities. Lastly, within Microsoft Intune, it aids IT teams in more effectively managing endpoints.