Trained across security and networking disciplines and armed with trillions of data signals, Security Copilot dramatically increases the reach, speed and effectiveness of any security team
REDMOND, Wash. – March 28, 2023 – Microsoft Corp. on Tuesday announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot, giving defenders a much-needed tool to quickly detect and respond to threats and better understand the threat landscape overall. Security Copilot will combine Microsoft’s vast threat intelligence footprint with industry-leading expertise to augment the work of security professionals through an easy-to-use AI assistant.
“Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers,” said Vasu Jakkal, corporate vice president, Microsoft Security. “With Security Copilot, we are shifting the balance of power into our favor. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI.”
Security Copilot is designed to work seamlessly with security teams, empowering defenders to see what is happening in their environment, learn from existing intelligence, correlate threat activity, and make more informed, efficient decisions at machine speed.
Simplifying complexity and accelerating responses
In a world where there are 1,287 password attacks per second, fragmented tools and infrastructure have not been enough to stop attackers. And although attacks have increased 67% over the past five years, the security industry has not been able to hire enough cyberrisk professionals to keep pace. This has led to defenders who are overwhelmed searching for well-disguised attacks within an impossibly large volume of expanding network traffic and other signals.
Security Copilot will simplify complexity and amplify the capabilities of security teams by summarizing and making sense of threat intelligence, helping defenders see through the noise of web traffic and identify malicious activity.
It will also help security teams catch what others miss by correlating and summarizing data on attacks, prioritizing incidents and recommending the best course of action to swiftly remediate diverse threats, in time.
Continually learning to augment the expertise of security teams
Security Copilot will also continually learn and improve to help ensure that security teams are operating with the latest knowledge of attackers, their tactics, techniques and procedures. The product will provide ongoing access to the most advanced OpenAI models to support demanding security tasks and applications. Its visibility into threats is powered by both the customer organization’s security data and Microsoft’s vast threat analysis footprint.
These capabilities can empower security teams of any size with the skills and abilities of much larger organizations. In addition, Security Copilot helps address skills shortages in cybersecurity by bridging knowledge gaps and enhancing workflows, threat actor profiles and incident reporting across teams.
“Advancing the state of security requires both people and technology – human ingenuity paired with the most advanced tools that help apply human expertise at speed and scale,” said Charlie Bell, executive vice president, Microsoft Security. “With Security Copilot we are building a future where every defender is empowered with the tools and technologies necessary to make the world a safer place.”
Built on the Microsoft platform and industry-leading threat intelligence
Microsoft is uniquely qualified to help customers explore and adapt AI to boost their cybersecurity defenses. Microsoft Security is actively tracking more than 50 ransomware gangs as well as more than 250 unique nation-state cybercriminal organizations, and receives 65 trillion threat signals every day. Microsoft technology blocks more than 25 billion brute-forced password theft attempts every second, and more than 8,000 security professionals at Microsoft analyze more security signals than almost any other company – on average Microsoft’s Security Operations Center analysts utilize over 100 different data sources.
Acquisitions like RiskIQ and Miburo give Microsoft breath of signal and depth intelligence on threat actors that no one else has. Security Copilot also integrates natively with a growing list of Microsoft Security products, such as Microsoft Sentinel and Microsoft Defender, to help customers create an end-to-end experience across their entire security program.