News
AI-Powered Microsoft Security Copilot Revealed
Microsoft on Tuesday announced a new predictive language chat tool for security experts called
Microsoft Security Copilot.
The new tool, which was unveiled during Microsoft's virtual Secure security conference, aims to provide security experts with increased visibility and network analysis with the help of a ChatGTP-4-powered assistant. Microsoft said it's designed to be easily deployed and managed, and is integrated with other Microsoft services, like Microsoft Defender for Endpoint and Azure Security Center.
During Tuesday's keynote event address, Microsoft CEO Satya Nadella stressed the importance of collaboration when it comes to threat protection. "We know that no one organization can solve this challenge alone," said Nadella. "That's why we're introducing Security Copilot, to help organizations work together and respond to threats more effectively."
Microsoft's goal is to centralize the threat monitoring of a network across Microsoft's portfolio of security tools to provide a one-stop window for IT. As with other current OpenAI's ChatGTP-4 integration efforts, users can retrieve information and analysis through chat prompts, like "show me latest security incidents" or "display status of connected users."
[Click on image for larger view.] Figure 1. Microsoft Security Copilot displaying a device threat. Source: Microsoft
The constant monitoring capabilities of Microsoft Security Copilot is powered by data collected from other security products, including Microsoft Defender, Intune and Sentinel, and brings together the company's real-time analysis of global threats to provide users with an accurate look into the security landscape. This includes "65 trillion daily signals" from its user base.
Microsoft said that the new AI-based security offering, which is now currently in preview, will not replace security experts, but improve IT's efficiency in handling threats. "Human creativity and knowledge will always be imperative for defense," said Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management, in an announcement blog post. "Security Copilot can augment security professionals with machine speed and scale, so human ingenuity is deployed where it matters
most."
Security Copilot also comes with automation tools to assist in protecting a network when attacks occur. Once a malware incident is detected, the new Microsoft security tool can perform a number of actions, including isolating the affected devices from the network and blacking the harmful traffic.
Additionally, Security Copilot also includes data privacy regulations and other security standard tools, which can assist with data discovery, classification, and protection, as well as provide reports and audits to demonstrate compliance with regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). It also confirmed that it will not be collecting incident data from enterprises to feed back to the AI model, ensuring that info will stay within a network.
While Security Copilot in its current preview form only works with Microsoft's suite of security offerings, the company said it will develop to include support for third party solutions in the future.