Microsoft brings GPT-4-powered Security Copilot to incident response

[embedded content]

Microsoft today announced Security Copilot, a new ChatGPT-like assistant powered by artificial intelligence that takes advantage of Microsoft’s threat intelligence footprint to make faster decisions during incident response and to help with threat hunting and security reporting.

“Microsoft Security Copilot is an AI-powered security analysis tool that enables analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes,” Redmond .

Security Copilot answers defenders’ security-related questions via a ChatGPT-like interface and continuously learns from these interactions to adapt to each enterprise environment to advise them on the best course of action.

It empowers security teams to manage complex security situations more efficiently, and its primary goal is to enhance security analysts’ capabilities by expediting threat intelligence summarizing and interpreting, enabling them to spot malicious activity a lot faster while analyzing web traffic.

Security Copilot will also assist in detecting previously overlooked threats by correlating threat activity signals and making the right connections while inspecting attack data.

It is powered by OpenAI’s GPT-4 advanced large language model (LLM) combined with what Microsoft describes as a “security-specific model” designed by its engineers.

It also integrates data and insights from other Microsoft security tools (including Sentinel, Defender, and Intune) to provide custom guidance for each organization.

[embedded content]

“In security, minutes count. With Security Copilot, defenders can respond to security incidents within minutes instead of hours or days,” Microsoft Security corporate vice president Vasu Jakkal.

“Security Copilot delivers critical step-by-step guidance and context through a natural language-based investigation experience that accelerates incident investigation and response.

Today’s announcement comes after introducing two weeks ago, also powered by GPT-4 and designed to boost customers’ productivity across M365 apps, from Word, Excel, PowerPoint, Outlook, and Teams to Microsoft Viva and Power Platform.

As when launching GPT-4, “while less capable than humans in many real-world scenarios, exhibits human-level performance on various professional and academic benchmarks.”

“Security Copilot will simplify complexity and amplify the capabilities of security teams by summarizing and making sense of threat intelligence, helping defenders see through the noise of web traffic and identify malicious activity,” Microsoft .

“It will also help security teams catch what others miss by correlating and summarizing data on attacks, prioritizing incidents and recommending the best course of action to swiftly remediate diverse threats, in time.”

While Microsoft revealed today that its new AI-powered security analysis tool is currently available in private preview, the company is yet to share details regarding its public rollout.