Microsoft Unveils AI Agents for Enhanced Security Copilot

Microsoft Boosts Security Copilot with New AI Agents

Microsoft Corp. is enhancing its Security Copilot service with a suite of artificial intelligence (AI) agents designed to streamline repetitive tasks for users. This upgrade was announced recently alongside improvements to other components of Microsoft’s cybersecurity offerings.

Overview of Security Copilot

Launched in April of last year, Security Copilot is a tailored version of Microsoft’s Copilot AI assistant. This tool assists cybersecurity professionals by allowing them to analyze breach data using natural language. Furthermore, it automates several related responsibilities, including establishing access controls for employee devices, which can help improve an organization’s overall security efficiency.

Introduction of New AI Agents

As part of the enhancements, Microsoft is introducing six new AI agents that have been developed in-house. Additionally, five agents created by partner companies will also be available. This addition aims to broaden the functionality and usability of Security Copilot.

Microsoft-Developed Agents

1. Phishing Triage Agent

   • This agent is capable of reviewing phishing alerts generated by a company’s cybersecurity systems, effectively filtering out false positives to enhance decision-making for security teams.

2. Purview Notification Agents

   • Two agents are designed specifically to analyze notifications from Microsoft Purview, which monitors instances where employees may misuse business data.

3. Conditional Access Optimization Agent

   • Integrated with Microsoft Entra, this tool helps administrators manage employee access to applications. It identifies risky user access rules and can automatically generate fixes for administrators to implement quickly.

4. Vulnerability Remediation Agent

   • By working with Microsoft Intune, this agent assists in pinpointing vulnerable endpoints in Windows devices, allowing administrators to more rapidly apply necessary patches.
5. Threat Intelligence Briefing Agent
   • This agent produces reports detailing potential cybersecurity threats to an organization. Microsoft’s threat intelligence unit gathers an impressive 84 trillion data points daily regarding various online risks, including ransomware threats.

Partner-Developed Agents

The agents created by Microsoft’s partners address specific needs not covered by the built-in tools. For instance:

• Aviatrix’s Agent: Offers support for troubleshooting network issues.
• OneTrust’s Tool: Facilitates compliance with privacy regulations.

Significance of the Enhancements

Vasu Jakkal, Microsoft’s Corporate Vice President of Security, emphasizes that these innovations grant security teams greater control. With the new agents, responses can be expedited, risks prioritized, and overall efficiency improved, thereby enhancing an organization’s security posture and resilience against cyber threats.

Additional Cybersecurity Enhancements

In addition to introducing these AI agents, Microsoft is rolling out further updates to its cybersecurity tools:

• Edge for Business: This is an enterprise-oriented version of Microsoft’s web browser, now enhanced to prevent employees from entering sensitive information into chatbots.

• Integrations with Third-party Products: Controls will be implemented for desktop-based chatbot clients through collaborations with third-party secure access service edge (SASE) products.

• Defender for Cloud: This focused tool aims to protect cloud applications from hackers. New features will be added to assist in identifying vulnerabilities present in cloud-based AI workloads, making it more robust for organizational needs.

By integrating these new features and agents, Microsoft is reaffirming its commitment to improving cybersecurity and aiding professionals in the ever-evolving landscape of digital threats.

Please follow and like us: