Microsoft Copilot for Security , Next-Generation Technologies & Secure Development

Microsoft to Make Copilot for Security Generally Available

How Copilot for Security Uses Generative AI to Make Defenders Efficient, Accurate
Microsoft to Make Copilot for Security Generally Available

Microsoft Copilot for Security will become generally available to customers and partners worldwide April 1, making organizations more accurate and efficient through artificial intelligence.

See Also: GDPR & Generative AI: A Guide for Customers

When using the generative AI-powered technology cyber defenses are improved and novices report they are 26% faster and 35% more accurate - and experienced analysts 22% faster and 7% more accurate, said Vasu Jakkal, corporate vice president for Microsoft's security business.Copilot for Security also increases job satisfaction - 97% of security analysts who tried the tool said they wanted to use it again.

"For the first time, I feel that defenders have a tool which is going to help them tilt the balance in this asymmetric war," Jakkal said during a press event. "It's going to help us stay ahead of attackers because we have this incredible data advantage."

Copilot leverages Microsoft's processing of 78 trillion signals to defend against threats at machine speed, catch what others miss and address the talent shortage in the cybersecurity industry, said Jakkal. It plays a key role in keeping institutional knowledge within companies by building a knowledge base that junior analysts can access to learn about past incidents and how experienced analysts have solved them.

Copilot for Security integrates with Microsoft's full breadth of products - including Defender, Sentinel, Purview, Entra and Intune - to enhance productivity and help analysts find things they might otherwise have missed. The product employs a consumption-based pricing model, which she said lowers barriers to entry for customers and allows for scalability and flexibility in usage according to the clients' needs.

"We can have customers start from a really low number of provision units and then scale as they get more skills," Jakkal said. "It really reduces the barriers to entry."

How Customers Can Benefit From Copilot for Security

Organizations need end-to-end security solutions, and Jakkal said Copilot meets this need by addressing challenges around security operations, identity, data security and device management. Key use cases addressed during the Copilot early access program include threat investigations, impact analysis, reporting and summarization, reverse engineering and guided response, Jakkal said.

Early access program clients told Microsoft they appreciated Copilot's integrated experience with Defender, greater accuracy around security operations and the productivity gains they witnessed, Jakkal told Information Security Media Group. Copilot significantly speeds up the security operations process by using generative AI to rapidly and accurately respond to security queries, she said.

"What we're really excited about is the end-to-end capabilities that Copilot is going to provide," Jakkal told ISMG. "It can reason over all of this data, and it can summarize and give you these answers pretty quickly and accurately."

The technology allows analysts to customize and personalize prompts and workflows based on their specific operational needs as well as integrate unique knowledge bases into the system, said Brandon Dixon, Copilot for Security product manager. During the early access program, junior analysts gained access to skills previously out of reach while senior analysts benefited from time savings through automation.

Based on early access program feedback, Dixon said, Microsoft gave companies the ability to customize promptbooks to help security analysts within their own organization more smoothly navigate through workflows. Some customers told Microsoft they didn't even realize large language models were capable of executing on a series of prompts to achieve a workflow, according to Dixon.

"From the EAP, I think the most interesting response that we gained was just how much savings and productivity boost that customers were seeing," Dixon told ISMG. "There were new skills that they otherwise didn't have access to that their teams could now do because of Copilot."

What Customers, Partners Think of Copilot for Security

At BP, Copilot for Security has significantly aided with script analysis and threat hunting, making complex tasks quicker and easier for analysts and raising the competency of staff regardless of experience level, said Vice President of Cyber Defense Chip Calhoun. Specifically, Calhoun said, Copilot helped analysts search faster for indicators of compromise and spot the characteristics of specific threat actors.

Meanwhile, the natural language interface of Copilot allowed security analysts at Sealed Air to improve their operational efficiency by using existing data in their environment more effectively, said Torrell Funderburk, executive director of cybersecurity architecture. Sealed Air analysts like how Copilot provided executive summaries and rapid insights to strengthen their understanding of current events.

"It allowed us to unlock all the data that we have in our environment and interface with the natural language," Funderburk told ISMG. "That was a very important and powerful capability for us."

PwC has enhanced Copilot capabilities through strategic insights and engineering services, including custom plug-ins and playbooks, according to Sloane Menkes, the company's Microsoft alliance leader for security and risk. By providing context-specific enhancements to Copilot, Menkes said, PwC can help adapt the technology to meet the diverse operational needs of various organizations.

Beyond traditional security operations, Copilot for Security can help with vulnerability management and incident response and can give the legal vertical the ability to transform many IT functions, said Mona Ghadiri, BlueVoyant's senior director of product management. User education and high-quality data allow organizations to get the most value out of Copilot for Security, she said.

"It's really important to broaden out ... those people who could use Copilot for Security," Ghadiri told ISMG. "Lawyers can use this. People who are doing product development can use this. It's not just about the SOC analyst."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.