How Microsoft Leverages AI for Security with Security Copilot
In the session, Bell said Microsoft provides three advantages against threat actors:
- Data and threat intelligence
- Integrated, end-to-end protection
- Secure AI
According to Jakkal, these three elements drive innovation and let Microsoft help businesses protect their environments end to end from every angle, including security, compliance, identity and access management, threat protection and cloud security. But AI in particular will “turbocharge” security innovations, she said.
“We can now harness everything we see and everything we own with AI expertise that transcends the knowledge that any one individual could amass,” Bell added.
According to Bell, Security Copilot is more than just a chat application that legacy vendors may provide. Instead, Security Copilot is a security-specific AI tool that uses the latest AI models from OpenAI — currently GPT-4 — and combines that technology with a Microsoft-developed, security-specific model, Microsoft’s Global Threat Intelligence, enhanced with cyber skills and promptbooks.
Microsoft Announces Unified Security Operations Platform
“Security Copilot isn’t just summarizing a prompt. It’s reasoning over multiple data sources to do at machine speed what would take hours for a human to do,” Bell said.
Users can ask Security Copilot natural language questions on any security matters, including what’s going on in their environment, which incidents to focus on, how to manage them and what the impact is on their organization. Ideally, Copilot greatly lessens the alert fatigue that security teams experience as they receive hundreds of alerts from their security platforms on potential threats.
Additionally, the Microsoft team during the session announced the creation of a unified security operations platform that combines Copilot; Defender, Microsoft’s extended detection and response solution; and Sentinel, the company’s security information and event management solution.
“Every second counts when it comes to an incident. Analysts and security operations centers are always working to reduce their mean time to respond,” said Sherrod DeGrippo. “To help them, we’ve reimagined security operations with a streamlined workflow … enriched with more AI, more automation and more guidance.”