Microsoft Security Copilot to offer raft of “new capabilities” for 365 Defender
Microsoft Security Copilot will give 365 Defender users real-time malware tracking and automated incident summaries
Microsoft Security Copilot is set to provide “new capabilities” for 365 Defender users as part of an early access program roll-out, the tech giant has announced.
The scheme, which is being rolled out to selected customers, will include deeper integration of the AI assistant within Microsoft’s extended detection and response (XDR) platform.
Microsoft said the integration will help “guide analysts directly with actionable recommendations''. This will include automated, natural language-based incident summaries and post-response activity reports to speed up remediation efforts for security practitioners.
The tech giant said the introduction of Copilot within 365 Defender means security analysts “of any skill level” can be guided through threat remediation and response processes.
“This seamless workflow helps reduce the time to respond to threats,” the firm said.
Natural language queries will also be available for users to “simplify” proactive threat hunting. Real-time malware analysis will also be available as part of the integration, Microsoft said.
“Understanding and reverse-engineering malware has, to date, only been accessible to the most advanced incident responders,” the firm said. “With Security Copilot, it becomes easier to analyze and understand complex and also obfuscated PowerShell command line scripts and document the flow.”
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
In addition to the new features, Microsoft said the Copilot will now be integrated by default within its Microsoft Defender Threat Intelligence platform.
Microsoft Security Copilot: The story so far
The announcement from Microsoft marks the latest in a string of generative AI feature rollouts for the tech giant’s product range.
In September, Microsoft announced generative AI features will be extended to 365 Chat customers. Copilot capabilities have also been rolled out to Microsoft Teams and Windows 11 in recent weeks.
The firm initially unveiled Microsoft Security Copilot in March 2023, marking the first major roll-out of a generative AI-powered assistant for use in cyber security operations.
Leveraging GPT-4 generative AI, the Copilot offers users prompt-based security detection and remediation features for Windows customers.
Meet your team’s warehouse and lakehouse infrastructure needs
DOWNLOAD NOW
The Copilot is capable of providing intuitive, detailed responses to user queries, such as “how can I improve my security posture”, or “tell me about my latest incidents”.
In the aftermath of the launch, the move from Microsoft was hailed as a watershed moment for the use of generative AI tools in cyber security, with industry stakeholders describing it as the “security release of the year”.
So far, the use of the Copilot tool has unlocked significant benefits to users, both in terms of threat response and productivity improvements, Microsoft said. Preview customers are already saving “up to 40% of their time” on core operational tasks.
“Security Copilot can effectively up-skill a security team, regardless of its expertise, save them time, enable them to find what previously they might have missed, and free them to focus on the most impactful projects,” the firm said.
Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.
He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.
For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn.