Microsoft Copilot for Security, a subscription AI security service, will be generally available on April 1, 2024, the company announced on Wednesday.
Its arrival on April Fool's Day is purely coincidental.
As a measure of the company's commitment to software-as-revenue-generating-service, Microsoft on Tuesday invited a handful of journalists, this reporter among them, to attend a media briefing and make inquiries about the automation offering from enthusiastic employees and customers.
Copilot for Security, early access to which was offered in October, provides generative AI in two modes.
It's available as a standalone portal that can be integrated with third-party products.
It's also available as an embedded service within Microsoft products like Sentinel, Defender XDR, Purview, Priva, and Entra.
Based on GPT-4 and a Microsoft security-specific model, Copilot for Security takes input from people or scripts, passes the text through an orchestrator layer, a context layer, and possibly application plugins, then returns a response from the underlying AI model.
This might involve summarizing a document or flagging a suspicious interaction with the AI model, or perhaps generating recommendations to shore up security practices.
Amid all this, Jakkal said, there's a shortage of security talent.
Copilot for Security was initially conceived for security operations and threat protection tasks, Jakkal explained, like threat investigation, reverse engineering malware, incident reporting, and guided incident response plans.
As of last October, the service was expanded to handle tasks related to identity, data security, and IT skills.
The primary value proposition of Copilot for Security is said to be productivity.
According to Microsoft's own research [PDF] into Microsoft XDR, those using the security service with help from Copilot for Security finished tasks 22 percent faster on average than those without AI help.
This productivity gain was not seen for all activities, however.
The company's data supports the company product, citing improvements in accuracy and quality, and employee enthusiasm as consequence of Copilot adoption.
Rui Correia, security operations center manager for Signode in Switzerland, told The Register that his firm has been using Copilot for Security since November for tasks like malware analysis, incident response, and alert investigations.
Correia said he had compared the investigation process both with and without Copilot.
The latest iteration of Copilot for Security includes: support for custom promptbooks, which allow customers to craft and save their own prompts for common tasks; company-specific knowledge base integrations; support for prompts and responses in eight languages, with 25 languages via the standalone interface; third-party integration with partner services; and usage reporting that shows how teams are using Copilot.
This Cyber News was published on go.theregister.com. Publication date: Wed, 13 Mar 2024 16:13:05 +0000