Product attributes
Other attributes
Microsoft Security is a division of Microsoft providing online security against cyberthreats. Microsoft provides security products for large corporations, SMEs, and individual users. For companies, Microsoft offers cloud-powered security solutions to protect employees, customers, and business data. Features include automated security processes covering identity and access management, threat protection, information protection, and security management. Microsoft security products include the following:
- Defender for Cloud
- Microsoft 365 Defender (Defender for Office 365, Defender for Identity, and Defender for Cloud Apps)
- Microsoft Defender Threat Intelligence
- Microsoft Defender External Attack Surface Management - EASM
- Defender for Endpoint (on iOS, Android, MacOS, and Linux)
- Defender for Business
- Microsoft Sentinel
- Microsoft Intune
On March 28, 2023, at its inaugural Microsoft Secure event, Microsoft introduced a new Security Copilot integrating OpenAI's generative AI model GPT-4.
Microsoft Security Copilot combines the large language model (GPT-4) with a security-specific model from Microsoft. When the Copilot receives a prompt from a security professional, it can deploy skills and queries using GPT-4's capabilities. Microsoft's cyber-trained model adds a learning system to create and tune new skills. This allows the Security Copilot to help catch what other approaches might overlook, augmenting the analyst's work. Intended outcomes include improved quality of detection, speed of response, and the ability to strengthen security posture. Upon release, Security Copilot integrates the end-to-end Microsoft Security products with plans to expand to third-party products.
While the Security Copilot is still capable of making mistakes, it is a closed-loop learning system, meaning it's continually learning and improving through explicit feedback. Microsoft plans to continue learning from interactions with the new system, adjusting its responses to build more coherent, relevant, and useful answers.
Introducing Microsoft Security Copilot
Microsoft Security Copilot provides a prompt box, similar to other chatbots, where security professionals can ask questions. It is designed to assist human workers rather than replace them, helping them investigate incidents or quickly summarize events to improve reporting. For example, security professionals could ask for a summary of a vulnerability or alert information from other security tools. Results can be pinned into a shared workspace to improve collaboration among analysts. Another Security Copilot feature is a prompt book or a set of steps that users can combine into an easy-to-use button or prompt. This could involve a shared prompt to provide a script so analysts don't have to wait for another user to perform this type of analysis. Similar to Microsoft's new Bing, Security Copilot provides sources when sharing information on new vulnerabilities. The model uses information from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology’s vulnerability database, and Microsoft’s own threat intelligence database.
