“Security Copilot is an AI assistant for security teams that builds on the latest in large language models and harnesses Microsoft’s security expertise and global threat intelligence to help security teams outpace their adversaries,” said Vasu Jakkal, corporate vice president, security, compliance, identity, and management at Microsoft. Available in private preview since March 2023, Security Copilot allows security analysts to submit prompts in natural language, much like ChatGPT, to get actionable responses and simplify threat hunting. It can provide a summary of specified incidents that includes details about how they happened along with a technical overview to help responders in their investigation. It allows security teams to inspect scripts and codes without using external tools, to identify whether a script is malicious or not. Threat hunters can used its query assistant to turn natural-language questions into ready-to-run Kusto Query Language (KQL) queries. Finally, Security Copilot can also help with security posture management, as it helps pinpoint whether the organization is susceptible to known vulnerabilities and exploits. It then provides guidance for risk prioritization and remediation. “Security Copilot is already helping our preview customers save up to 40 percent of their time on core security operations tasks with capabilities such as writing complex queries based only on natural language questions and summarizing security incidents,” Jakkal claims. “[It] can effectively up-skill a security team, regardless of its expertise, save them time, enable them to find what previously they might have missed, and free them to focus on the most impactful projects.”
Full report : Microsoft makes its AI-based Security Copilot available via an invitation-only Early Access Program.