October 23, 2023 at 09:08AM
Microsoft is launching the early access program for Security Copilot, an AI cybersecurity tool embedded in the Microsoft 365 Defender XDR platform. The tool aims to save time for security teams by providing step-by-step instructions on managing incidents and offering insights to upskill existing staff. It can generate natural language reports, craft queries, and provide access to threat intelligence. The program is available to qualified organizations, but no general availability date has been announced.
Key takeaways from the meeting notes:
1. Microsoft is launching an early access program for Security Copilot, its flagship cybersecurity AI product.
2. Security Copilot is embedded within the Microsoft 365 Defender XDR platform and aims to save time on routine security operations tasks.
3. The tool is designed to upskill security teams and provide insights they may not be able to generate themselves.
4. Security Copilot can summarize security incidents into natural language reports, saving time and improving incident response.
5. The tool analyzes key events of a security incident, provides remediation actions, and breaks down malicious scripts.
6. It can generate natural language queries in Kusto Query Language (KQL) for threat hunting.
7. Early access customers also gain access to Microsoft Defender Threat Intelligence and its API at no extra cost.
8. Security Copilot supports vulnerability and patch management by identifying endpoints that need securing.
9. Microsoft aims to deliver security in a coherent way across multiple cyberthreat vectors with its XDR solution.
10. The early access program is still accepting qualified organizations, with no general availability date announced yet.