Earlier this month, Microsoft announced their general release of their latest AI offering: Copilot for Security.
As the first generative AI security product, Copilot for Security marks an exciting milestone in the way organisations leverage AI. It also marks Microsoft’s ongoing investment in new, cutting-edge technologies.
After a year in testing, Copilot for Security is available to the world from 1st April 2024. Below, we explain what it is and how it can take cyber security to the next level.
What is Microsoft Copilot for Security?
Copilot for Security is a chatbot, powered by OpenAI’s GPT-4 and Microsoft’s own security model.
It’s designed for IT analysts and security professionals. By asking Copilot natural language questions, they can receive actionable insights to common IT issues.
It can assist IT and security teams to:
- Analyse threats and malicious scripts.
- Build hunting queries to detect dangers.
- Resolve incidents correctly with accurate guidance.
- Follow best practice for device configuration, including checking they meet company policy.
- Generate, test and summarise access policies.
- Identify data and user risks within your IT network, such as out-of-date devices.
- Understand when and why multi-factor authentication has been trigged for users.
- Create incident reports to share internally.
From 1st April, Copilot for Security also includes custom promptbooks to save useful prompts, knowledge base integration and user reporting to understand how staff are using Copilot.
How does it work?
Copilot for Security is informed by the 78 trillion+ security signals processed by Microsoft every day. When coupled with language models, this allows it to provide specific, security-focused advice to users.
When the user submits a prompt (usually a question or command), Copilot will analyse the context and build a plan to execute. It then gathers the data needed and analyses it to provide insight. The context and data analysis are combined and formatted to deliver a response to the user.
Copilot for Security can be used as a standalone security product to provide broader context and support for any incidents. However, it also works across Microsoft’s existing security products to improve the experience of the tools you’re already familiar with.
Here’s how it helps with Microsoft core security solutions:
- Microsoft Defender XDR: Summarise incidents, gain actionable insights and speed up complex threat hunting.
- Microsoft Entra: Explore suspicious sign-ins and activity, find policy gaps and guide admins through incident investigations.
- Microsoft Intune: Respond to threats faster, apply targeted tactics to improve outcomes and develop compliant policies.
- Microsoft Purview: Increase visibility across systems and review the accuracy of your compliance policies.
- Microsoft Sentinel: Collect security data and correlate alerts with intelligent analysis.
- Unified security operations platform: Assess and summarise emerging threats while supporting analysts through advanced tasks.
It can also work alongside non-Microsoft products you may use in your organisation. A list of providers Copilot integrates with can be viewed here.
How does it benefit businesses?
Copilot for Security offers significant advantages for businesses of all shapes and sizes. These include:
- Strengthening team skills: Copilot offers practical, detailed guidance through complex security tasks, such as incident investigation. As a result, internal skills are developed. Even junior staff can conduct critical security tasks, freeing up your senior employees for strategic work.
- Uncovering more risks than ever before: With access to vast data signals, Copilot increases visibility of the threats facing your business. It means every potential attack can be spotted in advance, allowing you to put provisions in place before there’s any damage.
- Protection against targeted attacks: Gain crucial insights into potential cyber risks, allowing for a faster response to incidents and heightened security measures.
Copilot for Security has already had proven success too. During Microsoft studies, it was found that users were 26% faster and 44% more accurate across tasks when using Copilot. This highlights significant productivity and efficiency benefits for businesses.
93% of users also said they wanted to use Copilot again, meaning it’s a tool your staff will actually enjoy using.
How is Copilot for Security licensed?
Copilot for Security is licenced on a pay-as-you-go basis, making it accessible to businesses regardless of size or budget.
It also means you can get started immediately, then scale usage as you begin to discover Copilot’s functionality and security benefits.
Learn more about Copilot for Security_
If you’re looking to deploy Copilot for Security or learn more about Microsoft’s AI functionality across its products, we’re here to help.
Infinity Group is one of few organisations globally that holds Microsoft Cloud Solutions status. Our experts have a deep understanding of the latest Microsoft innovation, including Copilot for Security. So, we can work with your organisation to define areas where AI can add value and ensure you receive maximum productivity and efficiency.
Our Infinity UNBOUND: Get to Secure video series is a programme of bite-sized, expert-led sessions giving you practical advice to strength your security posture. Covering the current threat landscape and modern solutions to help, you’ll gain actionable guidance to protect your business.
