After Microsoft 365 Copilot, Microsoft has now unveiled the Microsoft Security Copilot, a new tool that aims to leverage OpenAI’s large-scale language model, GPT-4, to address today’s cybersecurity landscape’s speed and scale demands.
The Microsoft Security Copilot incorporates Microsoft’s security model based on GPT-4 and is similar to the Large Language Model (LLM) that powers Bing, but with a focus on network security instead of general conversational knowledge and web search optimization.
The Security Copilot can process up to 65 trillion threat signals collected from security tools like Microsoft Sentinel and generate summaries of malicious activity, such as compromised accounts, in natural text. The tool is expected to complement the work of security professionals with the speed and scale of machines, empowering human creativity where it matters most.
The adoption of generative AI is accelerating in enterprise security, with leading vendors seeking to help realize their vision of an automated SOC. Microsoft’s Security Copilot aims to serve as a force for overworked and undersupported network administrators. It adds a learning system to create and refine new skills, catches information that may be overlooked by other approaches, and helps analysts augment their work. For a typical incident, this augmentation translates into improved detection quality, response speed, and the ability to strengthen our security posture.
Security Copilot is a new AI system that has not been tested yet, so it does not operate fully autonomously, requiring a human administrator to be in the loop at all times. Humans are the verifiers, and AI is the data feeder.
To fully protect sensitive trade secrets and internal business documents that Security Copilot is designed to protect, Microsoft promises not to use customer data for future Copilot re-training. It remains to be seen how much of their data or insights derived from it users will share. The company has not said if or when these security features will also be available to individual users.
Security Copilot is a new tool that aims to empower human creativity by complementing the work of security professionals with the speed and scale of machines. With this tool, administrators can respond to emerging security threats.