Unified Microsoft Defender dashboard with analytics and Sentinel on the sidebar. | Image: Microsoft
Microsoft is combining its Sentinel security analytics and Microsoft Defender XDR platforms into an “industry first” unified security operations platform — with the company’s Security Copilot chatbot stationed centrally for IT and security personnel to administer everything easily. During the company’s enterprise-focused Ignite conference today, Microsoft is announcing expanded conversational AI abilities to better centrally manage its security platforms.
Microsoft originally announced Security Copilot in March, demonstrating how its generative AI system can summarize all the alerts and data points that typically inundate security professionals. At the time, it had not been made available beyond “a few customers” to test. Microsoft shared some of the chatbot’s abilities, like asking it to summarize all incidents in the enterprise, explain how particular vulnerabilities work, feed it a file to check if it’s secure, and use it to collaborate with colleagues and even generate automations.
Now, the Security Copilot chatbot has learned a few new tricks to help IT workers administer various endpoint services, from device and identity management to data protection and compliance.
IT personnel with access to the unified experience, which is currently in private preview, can use Security Copilot as a starting point for their workflows, letting them ask the bot to seek out risks and figure out solutions quickly. The process helps workers not get siloed into various browser tabs for individual services like Intune or Entra. Security Copilot can also help with malware analysis and incident response and provide guided investigations in the unified Microsoft Defender XDR and Sentinel.
Today, Security Copilot can also use skills in Entra to detect high-risk users with suspicious sign-in activities, those who have too many privileges, and other things that pose a risk to an organization. In Intune, IT workers can generate policies for laptops and other devices and create reports on them for forensics by just asking Copilot. And users can have AI analyze documents through Purview to smell out fraud and other bad acts.
With Microsoft’s new unified security platform, the company is aiming to have AI do the heavy lifting to detect threats and simplify complex workflows. This is just one of many announcements today that looks to spread Copilot into every facet of the company’s services and software.