Microsoft Introduces Security Copilot Agents
2 minutes
Microsoft has announced new developments in its AI security capabilities. The company has introduced AI security agents as an extension of Microsoft Security Copilot, focusing on areas including phishing, data security, and identity management.
Think you can break an AI model? Join HackAPrompt 2.0, the world's largest AI safety and prompt hacking competition. With over 100 challenges across 5 tracks and 30,000+ participants, you'll help stress test models and uncover vulnerabilities to build safer AI systems. Join the waitlist.
Background
Microsoft launched Security Copilot in 2023 as an AI-powered security tool. Between January and December 2023, Microsoft's systems detected over 25 billion phishing emails targeting customers. Microsoft Threat Intelligence currently processes 78 trillion signals per day, including 6,500 password attacks per second.
New Security Copilot Agents
Microsoft has announced six new AI agents integrated with its security platform:
-
Phishing triage agent (Microsoft Defender): Processes phishing alerts and provides explanations for its decisions based on admin feedback.
-
Alert triage agents (Microsoft Purview): Handles data loss prevention and insider risk alerts with incident prioritization capabilities.
-
Conditional access optimization agent (Microsoft Entra): Monitors new users and applications, identifies policy gaps, and generates policy update recommendations.
-
Vulnerability remediation agent (Microsoft Intune): Monitors vulnerabilities and configuration issues across apps and policies, including Windows OS patches.
-
Threat intelligence briefing agent (Security Copilot): Curates threat intelligence based on organization-specific cyber risk profiles.
-
Security posture agent: Assesses organizational security configurations and compliance status.
These agents are currently in private preview with select customers.
Partner Agents
Microsoft has announced five partner-developed AI agents:
-
Privacy breach response agent (OneTrust): Provides breach analysis and regulatory compliance guidance.
-
Network supervisor agent (Aviatrix): Analyzes VPN, gateway, and Site2Cloud connection issues.
-
SecOps tooling agent (BlueVoyant): Evaluates security operations centers and provides control recommendations.
-
Alert triage agent (Tanium): Provides context for security alert analysis.
-
Task optimizer agent (Fletch): Processes and prioritizes cyberthreat alerts.
Conclusion
Microsoft's Security Copilot update introduces new AI agents designed to automate security tasks through integration with their security platform. The release includes both Microsoft-developed and partner-created agents, with initial deployment through private preview to select customers.
Valeriia Kuka
Valeriia Kuka, Head of Content at Learn Prompting, is passionate about making AI and ML accessible. Valeriia previously grew a 60K+ follower AI-focused social media account, earning reposts from Stanford NLP, Amazon Research, Hugging Face, and AI researchers. She has also worked with AI/ML newsletters and global communities with 100K+ members and authored clear and concise explainers and historical articles.