Microsoft has announced an AI-powered Copilot assistant to Office apps. Now, Microsoft is focusing on cybersecurity. Microsoft Security Copilot, a new assistant for cybersecurity professionals that helps defenders detect breaches and understand the vast amounts of data they have daily.
Security Copilot is powered by OpenAI’s GPT-4 Generative AI and Microsoft’s security-specific model. It looks just like any other chatbot. It will answer your question “What are the security incidents in my company?”. It’s using the 65 trillion daily signals Microsoft gathers to help security professionals track down threats.
Microsoft Security Copilot was designed to support a security analyst’s work, rather than replace it. It even has a pinboard section that allows co-workers and colleagues to share information and collaborate. Security professionals can use Security Copilot to assist with incident investigations, to quickly summarize events, and to aid with reporting.
Security Copilot can accept natural language inputs. This allows security professionals to ask for a summary about a vulnerability, upload files, URLs or code snippets for an analysis, or request information from other security tools such as Security Copilot. Investigators have a complete audit trail that includes all prompts and responses.
You can pin and summarize results into a shared workspace so that colleagues can work together on the same threat analysis. Chang Kawaguchi from Microsoft’s AI Security Architecture, said that this is similar to having separate workspaces for investigators, and a shared notebook with the capability to promote what you are working on, in an interview with .
Security Copilot’s most intriguing feature is its prompt book feature. It is a collection of automations or steps that can be combined into one prompt or button. This could be a shared prompt for reverse engineering a script to ensure security researchers don’t have to wait to see if someone else is ready to do this type of analysis. Security Copilot can be used to create a PowerPoint slide which outlines attacks and incidents.
Microsoft, much like Bing is also clear in sourcing results when security researchers request information about the latest vulnerabilities. Microsoft uses information from the Cybersecurity and Infrastructure Security Agency, National Institute of Standards and Technology’s vulnerability data, and Microsoft’s threat intelligence database.
However, this doesn’t necessarily mean Microsoft Security Copilot will always do the right thing. Kawaguchi says that sometimes models can go wrong so they offer the opportunity to get feedback. It’s more complicated than the simple thumbs up or thumbs down found on Bing. Kawaguchi says that the feedback loop is more complex than that. There are many ways it could go wrong. Microsoft will allow users to respond with exact details about what is wrong in order to better understand hallucinations.
Kawaguchi says that while no one can guarantee the absence of hallucinations, it is possible to expose sources, provide feedback and ground this in data from your own context. This will help people understand and validate what they see. In some cases, there is no right answer. Having a probabilistic answer will be significantly more beneficial for both the investigator and the organization.
Although Microsoft’s Security Copilot interface looks a lot like Bing’s prompt and chatbot interface, it is limited to security-related queries. The Security Copilot won’t allow you to get the most recent weather information or ask it its favorite color. Kawaguchi says, “This is not Bing.” This is not a chat experience. It is more like a notebook experience, rather than a chat or general purpose chatbot.
Microsoft’s latest AI push is Security Copilot. Microsoft 365 Copilot feels like it will always change Office documents . Microsoft-owned GitHub is making its Copilot more chatty to assist developers in creating code . Microsoft isn’t slowing down in its Copilot ambitions. We’re likely to see the AI assistant technology appearing throughout the company’s software and services.
Microsoft is currently previewing the new Security Copilot with “a handful of customers” today. The company does not have a set date for launching this service more widely. Kawaguchi says that the company is not yet discussing a timeline for general availability. “So much of this involves learning and learning responsibly, so it’s important that we get it to a limited group of people and start that process to learn and to make it the best product possible and ensure we deliver it responsibly.”
