At the Microsoft Secure event, Microsoft unveiled its latest cybersecurity innovation, Microsoft Security Copilot. This tool incorporates next-generation AI to help security professionals quickly identify and respond to potential threats, while also gaining a better understanding of the overall threat landscape.
By combining Microsoft’s vast threat intelligence with industry-leading expertise and the power of OpenAI’s GPT-4 generative AI, Security Copilot serves as an easy-to-use AI assistant for security professionals.
Microsoft recently launched Microsoft 365 Copilot, which is designed to bring AI-powered features to its popular software applications, including Word, Excel, PowerPoint, and more.
Microsoft Security Copilot
Security Copilot is the first security product that combines the power of AI with an advanced large language model (LLM). And it’s not just any LLM – it’s one that’s been specifically designed for security purposes, with a growing set of security-specific skills and knowledge built in.
Announcing Microsoft Security Copilot: Empower your defenders with generative #AI informed by 65 trillion daily signals.
Learn more: https://t.co/nJxQKGjJBH #MSSecure
— Microsoft (@Microsoft) March 28, 2023
It integrates with Microsoft’s end-to-end security products and will soon expand to a growing ecosystem of third-party products. And because we believe security should be built with privacy at the core, your data stays within your control. It’s not used to train the foundation AI models, and it’s protected by the most comprehensive enterprise compliance and security controls.
Simplify the Complex: With Security Copilot, defenders can swiftly respond to security incidents in minutes instead of hours or days. By delivering critical guidance and context through a natural language-based investigation experience, Security Copilot accelerates incident investigation and response, freeing defenders to focus on the most pressing work.
Microsoft Security Copilot – ransomware attack investigation and response
- Catch What Others Miss: With Security Copilot, defenders can uncover malicious behavior and threat signals that might otherwise go unnoticed. By surfacing prioritized threats in real-time and anticipating a threat actor’s next move with continuous reasoning based on Microsoft’s global threat intelligence, Security Copilot gives defenders an edge they never knew they had.
Microsoft Security Copilot – alert on compromised account and device
- Address the Talent Gap: With Security Copilot, every member of your security team can become a powerhouse of expertise. By answering security-related questions from the basic to the complex, Security Copilot boosts defenders’ skills and adapts to enterprise preferences to advise on the best course of action. It also supports learning for new team members, exposing them to new skills and approaches as they develop. With Security Copilot, security teams can achieve more secure outcomes and operate with the capabilities of a larger, more mature organization.
Microsoft Security Copilot – reporting on an incident
Microsoft’s Security Copilot is designed to continuously learn and improve to ensure that security teams are equipped with up-to-date knowledge on attackers and their methods. The product provides access to advanced OpenAI models for demanding security tasks and applications. Threat visibility is enhanced by both the organization’s security data and Microsoft’s extensive threat analysis.
With Security Copilot, even small security teams can access the skills and capabilities of larger organizations. Bridging knowledge gaps and enhancing workflows, threat actor profiles, and incident reporting, Security Copilot also helps address cybersecurity skills shortages.
Built on the Microsoft platform
Microsoft has a unique advantage in assisting customers to implement AI to enhance their cybersecurity defenses. With over 50 ransomware gangs and 250 nation-state cybercriminal organizations being actively tracked, Microsoft Security receives an astounding 65 trillion threat signals daily.
Their technology effectively blocks over 25 billion password theft attempts each second. With over 8,000 security professionals, Microsoft is one of the leading companies in analyzing security signals. Microsoft’s Security Operations Center analysts utilize more than 100 different data sources on average.
Microsoft has acquired RiskIQ and Miburo, providing them with unique and comprehensive intelligence on threat actors. Security Copilot is fully integrated with Microsoft’s security products, including Microsoft Sentinel and Microsoft Defender, to offer customers a complete end-to-end security program.
Availability
Currently, Microsoft Security Copilot is only available through private preview.
Speaking on the announcement, Vasu Jakkal, corporate vice president, Microsoft Security, said
Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers. With Security Copilot, we are shifting the balance of power into our favor. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI.