The emergence of GenAI is changing the world as we know it. This 'once in a generation' technology leap is already helping defenders see more and move faster, complementing human ingenuity and expanding our capabilities to protect beyond what was possible yesterday.
To help you seize this opportunity, we are excited to announce the general availability of Microsoft Copilot for Security (Copilot) on April 1st. This industry-leading product is the only generative AI solution that helps security and IT professionals amplify their skillset, collaborate more, see more, and respond faster.
In a recent research study conducted by Microsoft's Office of the Chief Economist, experienced security analysts using Copilot were 22% faster at the common security tasks we gave them, and they achieved these time savings while also increasing accuracy by 7%.
These gains in speed, accuracy, and sentiment mean that security and IT teams have the power to radically improve not only their work, but also their sense of job satisfaction as they find the time to work on the most critical tasks, vs. being bogged down in the more mundane part of their roles. View the full report or infographic for more results from the study.
"Recently we hired a few junior analysts and what we've seen is, to get those folks up to speed, with Copilot, the speed is tremendous," said Mario Ferket, Chief Information Security Officer at Dow. "If you want to create a complex KQL script, you can now use natural language. This levels the playing field because in the past, the junior analysts would have needed help from senior analysts to do that type of work."
Gain context for incidents and improve communication across your organization by leveraging generative AI to swiftly distill complex security alerts into concise, actionable summaries, which then enables quicker response times and streamlined decision-making.
Utilize AI-driven analytics to assess the potential impact of security incidents, offering insights into affected systems and data to prioritize response efforts effectively.
Eliminate the need to manually reverse engineer malware and enable every analyst to understand the actions executed by attackers. Analyze complex command line scripts and translate them into natural language with clear explanations of actions. Efficiently extract and link indicators found in the script to their respective entities in your environment.
Receive actionable step-by-step guidance for incident response, including directions for triage, investigation, containment, and remediation. Relevant deep links to recommended actions allow for quicker response.
Custom promptbooks allow customers to create and save their own series of natural language prompts for common security workstreams, tasks, and scenarios.
Expanded language localization now includes prompting and responses in eight languages and the product interface is now available in 25 languages to deliver improved user experiences.
Connect to your curated external attack surface from Microsoft Defender EASM to identify and analyze the most up-to-date information on your organization's external attack surface risks.
Microsoft Entra audit logs and diagnostic logs give additional insight for a security investigation or IT issue and summarize audit logs related to a specific user or event.
"By integrating Copilot for Security with our MXDR service offering and Difenda AIRO, we continue to rapidly address routine triage and response activities. Through customer testing, we have proven at least a 60% reduction in alert volume from phishing incidents and we are excited to see the drastic acceleration of cyber security program maturity for companies of all levels."
Discover the innovations MISA partner, Quorum Cyber, is making to help defend customers against cyber threats at scale with the generative AI capabilities of Copilot for Security. Watch the video.
Learn how MISA partner, Netskope, is advancing threat response and enhancing data protection for customers with the generative AI capabilities of Copilot for Security. Watch the video.
Today we have a rapidly growing library of plugins for Copilot for Security, and we continue to work with our partner ecosystem to deliver more. Most recently, we are highlighting:
For partners who want to join us on the Copilot for Security journey to help our mutual customers please visit us at https://aka.ms/CopilotforSecurityPartners to learn more.
Microsoft plans to make Copilot for Security generally available for purchase as a consumption offering beginning April 1, 2024. We will have one simple pricing model that covers both the standalone Copilot experience, and embedded experiences across the Microsoft Security product portfolio.
A consumption model means it will be easy to get started quickly and on a small scale, to experiment and learn with no upfront per device or per user charges. Customers will use their existing Azure subscription or sign up for one if they are not already an Azure customer. They will then be able to provision Azure capacity to support all their Copilot for Security workloads, both standalone and embedded. Copilot for Security capacity is anticipated to be billed monthly via a new Security Compute Unit (SCU) at the rate of $4/hr.