AI and Copilots

Microsoft Announces Sweeping Agentic Enhancements to Security Copilot

Kieron AllenBy 4 Mins Read

AI development is accelerating at a remarkable speed, making it crucial for companies invested in the technology to stay informed about discussions involving the implications of AI implementation. One such conversation has honed in on the security of AI tools with consensus shifting to the view that AI can deploy AI to secure itself.

Building on the 2024 launch of Microsoft Security Copilot, Microsoft’s dedicated AI-driven IT security assistant, the company has announced a range of autonomous AI features. These enhancements focus on phishing prevention along with improvements in data security and identity management.

Addressing an evolving threat landscape

In a blog post about the new features, Vasu Jakkal, corporate vice president of Microsoft Security, explained that Microsoft Threat Intelligence is processing 84 trillion signals per day. “Scaling cyber defenses through AI agents is now an imperative to keep pace with this threat landscape,” he says.

Microsoft has introduced six new Security Copilot agents that integrate with its various security products. These agents are designed to align with Microsoft’s Zero Trust framework, adapt autonomously to workflows, and learn actively from user feedback. The new agents include:

  • Phishing Triage Agent in Microsoft Defender: This agent manages phishing alerts to determine which ones require action and which are false alarms.
  • Alert Triage Agents in Microsoft Purview: These agents focus on training data loss prevention and insider risk alerts, setting priorities for necessary actions.
  • Conditional Access Optimization Agent in Microsoft Entra: This agent scans new users and applications to ensure they comply with security policies, identify required updates, and recommend actions.
  • Vulnerability Remediation Agent in Microsoft Intune: This agent prioritizes vulnerabilities and remediation tasks related to configuration issues. Users can also approve flagged Windows OS patches.
  • Threat Intelligence Briefing Agent in Security Copilot: This agent curates and presents contextual threat intelligence in real-time.

Partner Products

In addition to developing its own agents for Security Copilot, Microsoft has also revealed five AI agents developed by its partners that will be made available to customers.

  • Privacy Breach Response Agent by OneTrust: This agent analyzes data breaches and provides feedback on achieving regulatory compliance.
  • Network Supervisor Agent by Aviatrix: This agent completes root cause analysis and summarizes VPN, gateway, and Site2Cloud connection issues.

Ask Cloud Wars AI Agent about this analysis

  • SecOps Tooling Agent by BlueVoyant: This agent conducts SOC assessments and monitors recommended processes to improve SecOps and related operations.
  • Alert Triage Agent by Tanium: This agent provides context for alerts, allowing analysts to respond quickly and appropriately.
  • Task Optimizer Agent by Fletch: This agent helps companies prioritize cybersecurity alerts for users.

Closing Thoughts

Securing and governing AI is a major priority for all organizations that have invested in and migrated processes to AI. By enhancing its security offerings under the umbrella of Copilot, Microsoft is enabling users to benefit from these improvements while they continue to explore Gen AI operations.

This announcement represents one of the best examples of how agents can support Copilots and how the two technologies interact, highlighting an important distinction in this rapidly evolving sector. For organizations to truly understand the power and potential of autonomous AI agents alongside AI assistants, or Copilots, it is critical that examples like this are available.

From Microsoft’s perspective, this is also a win in terms of helping customers strengthen their security posture. While we have focused on agents, Microsoft has also been ramping up other security features. In the same announcement, the company introduced a variety of other enhancements, including phishing protection in Microsoft Teams and expanded multi-cloud and multimodal AI security posture management in Microsoft Defender.

As Jakkal says, “We continue to innovate across the Microsoft Security portfolio, applying the principles of our Secure Future Initiative, to deliver powerful, end-to-end protection to give defenders industry-leading AI, and to empower every organization with the tools to secure and govern AI.” While AI is the cornerstone, it’s impossible to ignore the impact of this enhanced security focus across the Microsoft ecosystem.

Interested in Microsoft?

Schedule a discovery meeting to see if we can help achieve your goals

Connect With Us

Book a Demo

Share.
Analystuser

Kieron Allen

Cloud, AI, Innovation
Cloud Wars analyst

Areas of Expertise
  • Business Apps
  • Cloud
  • Cybersecurity
  • Data

Kieron Allen is a Cloud Wars Analyst examining innovations in, and the future impact of, the latest AI, cloud, cybersecurity, and data technology developments. In his ongoing analyses and video reports, Allen focuses on the platforms, applications, people, and ideas that will mold our digital future. After serving as the Online Editor for BBC Sky at Night Magazine and as the Editorial Assistant for BBC Focus Magazine, Kieron became a freelance journalist in 2015 where his focus on the business technology market became a key passion. Kieron partners with technology start-ups and organizations that share his interests in science, social affairs, non-profit work, fashion and the arts.

  Contact Kieron Allen ...

Related Posts

Add A Comment

Comments are closed.