Highlights:
- Three of Microsoft’s newly developed tools are designed to help cybersecurity professionals manage alerts more efficiently.
- Completing the lineup is the Threat Intelligence Briefing Agent, which enhances Security Copilot by generating reports on cybersecurity threats that may impact an organization’s systems.
Microsoft Corp. is improving Security Copilot service with a suite of artificial intelligence agents to automate repetitive functions for users.
The company introduced these new agents, along with enhancements to other areas of its cybersecurity portfolio.
Originally launched last April, Security Copilot is a specialized version of Microsoft’s Copilot AI assistant, helping cybersecurity professionals retrieve breach-related data using natural language prompts. It also streamlines tasks such as configuring access controls for employee devices.
Now, Microsoft is enhancing Security Copilot with six internally developed AI agents, which will be deployed alongside five partner-built agents from Aviatrix Systems Inc., OneTrust LLC, Tanium Inc., Fletch, and BlueVoyant LLC.
Three of Microsoft’s newly developed tools are designed to help cybersecurity professionals manage alerts more efficiently. The Phishing Triage Agent, for instance, reviews phishing alerts from a company’s cybersecurity systems and filters out false positives. Additionally, two agents focus on analyzing notifications from Purview, Microsoft’s application for detecting unauthorized use of business data by employees.
The fourth addition, the Conditional Access Optimization Agent, is built to work with Microsoft Entra, which administrators use to control employee access to applications. This agent identifies insecure user access rules and suggests fixes that administrators can apply with a single click.
The fifth, the Vulnerability Remediation Agent, integrates with Microsoft’s Intune platform for managing Windows devices. According to Microsoft, this tool allows administrators to more quickly detect vulnerable endpoints and apply necessary operating system patches.
Completing the lineup is the Threat Intelligence Briefing Agent, which enhances Security Copilot by generating reports on cybersecurity threats that may impact an organization’s systems. Microsoft’s threat intelligence unit gathers an immense 84 trillion data points daily, tracking risks such as ransomware campaigns.
Meanwhile, the partner-developed agents for Security Copilot tackle additional use cases beyond Microsoft’s built-in tools. For example, Aviatrix’s agent assists customers with network troubleshooting, while OneTrust’s tool simplifies compliance with privacy regulations.
“With security teams fully in control, agents accelerate responses, prioritize risks, and drive efficiency to enable proactive protection and strengthen an organization’s security posture,” Vasu Jakkal, Corporate Vice President of Microsoft Security, stated.
Microsoft is introducing these AI agents alongside broader upgrades to its cybersecurity portfolio. The enterprise-focused Edge for Business browser now includes a feature that prevents employees from entering sensitive data into chatbots. Similar protections will soon be available for desktop-based chatbot clients through integrations between Purview and third-party secure access service edge (SASE) solutions.
Another key update focuses on Defender for Cloud, Microsoft’s cybersecurity tool for safeguarding cloud applications from hackers. The latest enhancements aim to improve its ability to detect vulnerabilities in cloud-based AI workloads more effectively.
