pds-it
['Blog post','no']
Microsoft Technology
Blog

AI-based Security Copilot is in the test phase

Contents

    Microsoft introduced Security Copilot in the spring of this year. With the help of generative AI, Security Pilot is designed to "strengthen cyber defense and respond faster to incidents", according to Microsoft. The program is now in early access. Selected companies are allowed to test Security Pilot.

    Everything "on copilot" at Microsoft

    Word and Excel have a co-pilot. Outlook too. And Dynamics 365 also "runs on co-pilot" if customers want it to. The concept is anything but new. Microsoft Copilot is a system based on generative AI that offers user:in assistance in the event of problems.

    In March, Microsoft announced a Copilot project for cyber security. The generative AI is designed to provide solutions to security problems as simply as possible. Security Copilot recognizes threats more quickly and reacts accordingly. To do this, Copilot draws on models from OpenAI, as well as numerous security data from companies and Microsoft itself.

    The use of generative AI promises a system that learns over time. According to Microsoft, Security Copilot will summarize collected data in a comprehensible way and draw new information from it. This means that Copilot can classify threats and is able to set priorities when dealing with attacks. Put simply, Security Copilot does not immediately close the entire system when a spam mail lands in a mailbox. In the event of a major malware attack, however, the measures can be correspondingly efficient.

    Can Microsoft keep its Security Copilot promises?

    Early Access and the associated test phase should provide the first answers to the question of how well Microsoft's Security Copilot does its job. The demand is likely to be high. For the time being, Microsoft is only making the program available to qualified customers. We can only guess what "qualified" means. Presumably, these are mainly large corporations whose systems are complex and offer a greater target for security attacks.

    Security Copilot works via a connection to Microsoft 365 Defender. After integrating Copilot into Defender, security officers receive recommendations for action on security-relevant incidents. According to Microsoft, Copilot provides content summaries that can be used to respond to threats at the click of a mouse.

    Security Copilot will be included in Microsoft Defender Threat Intelligence at no additional cost. This gives user:in access to Microsoft's own threat data. Companies that work with Managed Security Service Providers (MSSP) have the option of extending access to Security Copilot and using it in conjunction with MSSP.

    Microsoft is not providing details on the conditions for participating in Early Access. Companies interested in participating in the test phase should contact their Microsoft sales partner.

    Get to know Microsoft Defender with skill it

    The Defenders are Microsoft's security solutions. Almost all Microsoft applications and systems have their own Defender. While Security Pilot is integrated into Microsoft 365 Defender, all other programs have an additional Defender. Basically, all systems are doubly protected.

    However, this alone does not protect against attacks. It is therefore important to know the individual defenders and how they ward off or neutralize threats.

    In our Microsoft Security Operations Analyst training you will learn about the following Microsoft Defender:

    - Microsoft Azure Defender

    - Microsoft 365 Defender

    - Microsoft Defender for Cloud Apps

    - Microsoft Defender for Identity

    - Microsoft Defender for Endpoint

    The four-day training prepares you for the exam to obtain the "Microsoft Certified: Security Operations Analyst Associate" certificate.

    Author
    Marcel Michaelsen
    Marcel writes IT content for websites as a freelancer at Textflamme. The topics range from product descriptions to complex technical articles.