Microsoft's ‘Security Copilot’ Sics ChatGPT on Security Breaches

Published Mar 28 

For years now, “artificial intelligence” has been a hot buzzword in the cybersecurity industry, promising tools that spot suspicious behavior on a network, quickly figure out what's going on, and guide incident response if there's an intrusion. The most credible and useful of these services, though, have actually been machine learning algorithms trained to spot characteristics of malware and other dubious network activity. Now, as generative AI tools proliferate, Microsoft says it has finally built a service for defenders that's worthy of all the hype.

Two weeks ago, the company launched Microsoft 365 Copilot, which builds on a partnership with OpenAI along with Microsoft's own work on large language models. The company is rolling out Security Copilot, a sort of security field notebook that integrates system data and network monitoring from security tools like Microsoft Sentinel and Defender and even third-party services.

Security Copilot can surface alerts, map out in both words and charts what may be going on within a network, and provide steps for a potential investigation. As a human user works with Copilot to map out a potential security incident, the platform tracks history and generates summaries, so if colleagues get added to the project, they can quickly come up to speed and see what's been done so far. The system will also automatically produce slides and other presentation tools about an investigation to help security teams communicate the facts of a situation to people outside their department, and particularly executives who may not have security experience but need to stay informed.

“Over the past few years, what we’ve seen is this absolute escalation in the frequency of attacks, in the sophistication of attacks, as well as in the intensity of attacks,” says Vasu Jakkal, Microsoft’s chief vice president of security. “And there is not a lot of time for a defender to contain the escalation of an attack. The balance is right now shifted in the direction of attackers.” 

