First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest.
With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases and into promising areas that can dramatically improve the day-to-day work of security teams, like incident response, risk assessment, and identity troubleshooting.
In a randomized control trial, participants who tried it improved their security response time by as much as 26%.1 For security novices with basic IT skills, the analysts using Security Copilot performed significantly better than members of the control group.
86% of participants said Security Copilot helped them improve the quality of their work, and 90% noted they want Security Copilot the next time they do the same task.
Security Copilot has expanded beyond the security operations center with new use cases and product experiences to help more security and IT teams protect at machine speed and scale.
Security Copilot will help IT and security professionals strengthen their skills, collaborate more effectively, and catch attacks that might otherwise be missed.
Security Copilot integrates across Microsoft's security, identity, and compliance experiences to deliver greater end-to-end value of your security tools.
The new use cases for Security Copilot now extend beyond investigations in your security operations center to support various security necessities for organizations seeking to strengthen their security against cyberthreats.
We tailored Security Copilot to be interoperable to meet the top cybersecurity needs of the enterprise-device management, identity management, data security, and cloud security.
To strengthen your defenses against identity compromise, Security Copilot integrates with Microsoft Entra to assist in investigating identity risks and help with troubleshooting daily identity tasks, such as why a sign-in required multifactor authentication or why a user's risk level increased.
Data security: Data security and compliance teams review a multitude of complex and diverse alerts spread across multiple security tools, each alert containing a wealth of rich insights.
To make managing data protection easier, Security Copilot integrates with Microsoft Purview to summarize capabilities for Microsoft Purview Data Loss Prevention, Microsoft Purview Insider Risk Management, Microsoft Purview eDiscovery, and Microsoft Purview Communication Compliance workflows to make sense of profuse and diverse data, accelerate investigation and response times, and enable analysts at all levels to complete complex tasks with AI-powered intelligence.
With Security Copilot and Microsoft Defender for Cloud integrated, security admins can identify critical risks to resources faster with guided risk exploration that summarizes risks and enriches investigations with contextual insights such as critical vulnerabilities, sensitive data, and lateral movement.
While Security Copilot extends capabilities to new members of the security and IT teams, it has also expanded how many of these capabilities are experienced.
For diverse organizations seeking various ways to summarize insights and remediate or troubleshoot investigations, Security Copilot can be leveraged in an immersive standalone portal or embedded intuitively into existing familiar security products.
While in early access, Security Copilot is expanding into embedded experiences across various Microsoft Security solutions.
The Unified Security Operations Platform with Microsoft Sentinel and Microsoft Defender XDR: Capabilities include guided response for end-to-end incident investigation and response, natural language Kusto Query Language for threat hunting, and expert code analysis.
The Security Copilot Early Access Program lets you try the latest in Microsoft Security's generative AI solution and see how it integrates with your Microsoft Security tool set.2 Interest in the Security Copilot Early Access Program has been high with limited space still available.
1Microsoft Security Copilot randomized controlled trial conducted by Microsoft Office of the Chief Economist, November 2023.
2Microsoft Security Copilot Early Access program includes Microsoft Defender Threat Intelligence at no additional cost and integrations with Microsoft Defender, Microsoft Sentinel, and Microsoft Intune.
This Cyber News was published on www.microsoft.com. Publication date: Thu, 07 Dec 2023 14:43:05 +0000