In a groundbreaking move, Microsoft has launched the early access phase for its revolutionary AI-driven security analysis tool, Security Copilot. The platform, akin to the familiar ChatGPT, empowers security teams to swiftly combat threats using Microsoft’s extensive global threat intelligence and cutting-edge large language models.
Security Copilot offers a dynamic approach, responding to security queries from defenders while continuously learning and adapting from interactions. Tailoring its recommendations to specific enterprise environments, it provides instant incident summaries, rapid guided responses, simplified natural language queries, and real-time malware analysis. One of its standout features is the ability to identify previously unknown threats by analyzing attack data and correlating threat activity signals.
Vasu Jakkal, Microsoft’s Corporate Vice President for Security, Compliance, and Identity, emphasized the tool’s impact. “Security Copilot is already helping our preview customers save up to 40 percent of their time on core security operations tasks,” revealed Jakkal. “It can effectively up-skill a security team, save time, enable them to find what they might have missed, and free them to focus on impactful projects.”
A significant enhancement is the integration of Security Copilot with Microsoft’s 365 Defender Extended Detection and Response (XDR) platform. Early Access Program participants gain access to Microsoft Defender Threat Intelligence data at no additional cost, bolstering their defense strategies.
Furthermore, Security Copilot facilitates collaboration between organizations and Managed Security Service Providers (MSSPs). Those enrolled in the Early Access Program can broaden access to their Security Copilot environment, allowing MSSPs to actively engage and collaborate with them through the platform.
“In security, minutes count. With Security Copilot, defenders can respond to security incidents within minutes instead of hours or days,” emphasized Jakkal. The tool’s natural language-based investigation experience expedites incident investigation and response, providing critical step-by-step guidance and context.
To participate in the Security Copilot Early Access Program, interested parties are encouraged to liaise with their Microsoft sales representative and visit the official website for comprehensive information. Microsoft also offers extensive documentation, guiding users on incident summarization, script and code analysis, resolving incidents with guided responses, generating Kusto Query Language (KQL) queries, and creating detailed incident reports.
As the cybersecurity landscape continues to evolve, Microsoft’s Security Copilot stands as a testament to the company’s commitment to innovation, empowering organizations to proactively defend against emerging threats and bolster their security posture.