Microsoft launches Security Copilot AI assistant for cybersecurity

1 min read

We may receive a portion of sales if you purchase a product through a link in this article at no cost to you, though all opinions are our own. For more information, please read our ethics statement. Please note that pricing and availability are subject to change.

Microsoft today introduced its latest artificial intelligence (AI) tool for cybersecurity professionals, the Microsoft Security Copilot. Following the release of the AI-powered Copilot assistant for Office apps, the Security Copilot is designed to assist cybersecurity professionals in identifying breaches and understanding the vast amounts of data and signals available to them on a daily basis.

The Security Copilot utilizes OpenAI’s GPT-4 generative AI and Microsoft’s own security-specific model to help security analysts hunt down threats. It can be used to help with incident investigations, summarize events, and provide assistance with reporting. The tool is designed to assist security analysts rather than replace them and includes a pinboard section for co-workers to collaborate and share information.

Security Copilot accepts natural language inputs and can summarize incidents, analyze files, URLs, or code snippets, and provide information from other security tools. All prompts and responses are saved, ensuring there is a full audit trail for investigators. Results can be summarized and pinned into a shared workspace, allowing colleagues to work on the same threat analysis and investigations.

One of the most interesting features of the Security Copilot is the prompt book, which allows users to bundle a set of steps or automation into a single button or prompt. This feature could be used to create a shared prompt for security researchers to reverse engineer a script, removing the need to wait for someone on their team to perform this type of analysis.

Unlike Bing, Microsoft has limited the Security Copilot to just security-related queries. Microsoft is sourcing information from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology’s vulnerability database, and its own threat intelligence database. However, Microsoft acknowledges that the Security Copilot may not always get things right, and the company is offering users the ability to provide feedback to improve the tool’s accuracy.

Microsoft is starting to preview the Security Copilot with a few customers, and the company has not yet announced a timeline for general availability. The company believes that it is important to learn and improve the product before rolling it out more broadly.