Microsoft Copilot for Security: what it is and how it really works

Microsoft Copilot for Security: what it is and how it really works

With an official press release, the Redmond company has removed the veil from a product based on artificial intelligence (AI) which has been talked about for some time now: Microsoft Copilot for Security. It will debut on April 1st, and it’s no joke. Microsoft wants to revolutionize from the ground up the ways in which cyber threatseven those never seen before, are detected, classified and neutralized.

Microsoft introduces Copilot artificial intelligence to counter cyber threats

Some companies already specialize in IT security have started to introduce AI-based systems into their products aimed at the enterprise market. For Microsoft, Copilot for Security is the first solution that relies onGenerative AI to be proposed in the security segment.

Designed to help security professionals and IT administrators to spot what other solutions might miss, the goal of Microsoft Copilot for Security is to act faster against cyber threats while simultaneously strengthening the team’s expertise.

Copilot for Security uses large-scale data and information about intelligence on threats, much of which is derived from more than 78,000 million security signals processed by Microsoft systems every day. The use of LLM (Large Language Models) advanced allows you to offer personalized information to address a threat and guide technicians if subsequent interventions are required.

Results of using Copilot for Security

What form does Microsoft Copilot for Security take

It couldn’t be otherwise: Microsoft Copilot for Security is a solution that was born in the cloud and works on the cloud. It’s like having a digital assistant always informed about what is happening on a global scale from a cybersecurity perspective. An assistant who can understand what is happening, recognize possible malicious activity and provide the tools to immediately remedy it.

The “format” of Copilot for Security, therefore, adapts to needs and specifications workflows of each company reality. Microsoft, for example, notes that:

  • I Personalized promptbooks allow users to create and save a series of prompt useful in a natural language.
  • L’integration with Knowledgebase allows you to combine Copilot for Security within business logic and processes, with the possibility of carrying out customized activities.
  • Connection to the external attack surface: relying on the information returned by Defender EASMCopilot for Security helps you manage your organization’s attack surface by identifying and analyzing the most up-to-date risk information. Microsoft Defender External Attack Surface Management (Defender EASM) is a technology that allows you to discover and map the digital attack surface to provide an external view of the infrastructure. It is a tool that allows IT teams and security experts to identify risks, eliminate threats and extend vulnerability control, controlling enterprise exposure beyond the firewall.
  • I access and diagnostic logs provide Copilot for Security with additional insights for security investigations and IT problem analyses. Captured logs relating to the activities of a user, a set of accounts or specific events are summarized in natural language.

In general, however, Copilot for Security will be available both as a stand-alone portal and as an integration into existing security products.

Artificial intelligence that combines knowledge deriving from the cloud with company data on the security side

We have already seen that thatdata ontology stored in company systems allows you to create generative models at the service of business decisions. The trend is precisely this: information stored on local systems can be used to power and optimize the generative model.

No application field is excluded a priori: and Microsoft demonstrates this with the global release of Copilot for Security. As seen in this introductory video, the IT team has the option to send prompt that is, actual requests in natural language to obtain technical details and practical suggestions on managing a security incident, to extract information on the latest alerts related to potential data loss, to gather clues about possible data breaches, describe the impact of new ones policy on users, analyze the behavior of suspicious code and scripts, and much more.

In fact Copilot for Security, thanks to the broad program partner currently made up of over 100 entities, it can connect with the software solutions and platforms of others vendor significantly improving his skills and the effectiveness of the proposed solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *