Microsoft doesn’t appear to be slowing down with its Copilot ambitions any time soon as the company announces a new AI assistant for cybersecurity. Microsoft Security Copilot is the latest release for security professionals, and in this article we explain more about Security Copilot and how it works.
What is Microsoft Security Copilot?
Microsoft Security Copilot is a new AI-powered tool designed to help security professionals detect, investigate and respond to cyberattacks quickly and more effectively. It is based on OpenAi’s GPT-4, a large language model that can generate natural language responses to prompts, and Microsoft’s security model which uses security skills and threat intelligence from Microsoft’s global network.
How Microsoft Security Copilot works
Designed to help security analysts, Security Copilot can assist in catching threats/risks that other tools might miss, simplifying complex data and training analysts on best practices. Security Copilot can answer questions in natural language, provide guidance on how to remediate incidents, generate security reports, and perform threat-hunting tasks. It can also learn from user feedback and improve its skills over time.
One particularly impressive feature of Microsoft Security Copilot is the prompt book. With this feature, users can combine many actions or automations into a single prompt or button. This means users don’t have to wait for someone else for information to help them complete an investigation.
How to use Microsoft Security Copilot
You need to have access to Microsoft security products like Microsoft Sentinel, Defender, and Intune to use Security Copilot. It integrates with these products and uses their data to provide insights and recommendations. You can also access Security Copilot through a web-based interface or a chatbot. You can type in your queries or choose from predefined scenarios, such as incident response, threat hunting, or security reporting.
Let’s say you want to investigate a potential attack; you can ask Security Copilot ‘How can I stop the attack?’ or ‘What areas are at risk?’ Security Copilot would then use AI models to analyse the data from your security products and generate responses that are tailored to your organisation. It will also provide step-by-step instructions on how to remediate the attack based on proven tactics from real-world incidents.
How can I access it?
Currently Microsoft Security Copilot is in preview and only available to selected customers. If you’d like to keep up to date with the latest announcements, you can sign up to receive news and insights here.
At Bridgeall we have a wide range of experience working across a full range of technology solutions to protect you against these threats. We provide a full range of security services, from developing a security strategy, implementation of security measures across your IT infrastructure to a fully managed security service. If you’d like to know more about Security Copilot or if you have any further questions, contact our team who can help.
