Microsoft Adds AI to Cybersecurity With Security Copilot

Microsoft announced Security Copilot today, and I believe it will transform security operations.

By combining AI with GPT-4 and Microsoft’s security stack, Microsoft is providing a tool that security operations teams desperately need: a tool that helps them conduct investigations faster by bringing context and enrichment without going through tens of different sources searching for the bits and pieces of information that you need. The tool also helps with taking automated action, which can be written by teammates or by the AI itself. In addition, as with any AI, the tool will learn from your team and get better over time.

As someone who has experience in security operations, the number one issue is having the context and enrichment I need for an investigation, and gathering that information in a short amount of time, which is nearly impossible with tens of different tools for different systems. An integrated system for investigations will be a huge boost to the productivity and efficiency of security operations teams.

Of course, with any new tech, the question is how much this will cost. Setting that aside, what it brings to the table is worth at least taking a look. Other vendors need to take a hard look at what Microsoft has done and make sure they have an answer.

See the highlights from the announcement below.