Microsoft introduces Security Copilot, a tool intended for professionals involved in cybersecurity. The tool is largely based on GPT-4 and combines data from different systems to monitor networks and assist employees.
Microsoft says that Security Copilot can be a useful tool for security professionals to quickly detect threats, respond to threats and gain a better understanding of the entire digital landscape of attacks and threats. The idea is that cybersecurity employees can see better what is happening, allowing Security Copilot to learn from existing information and recognize connections between threat activities.
Security Copilot accepts files, URLs, and parts of code for analysis.
Security Copilot is largely based on GPT-4 and Microsoft’s own security model. The latter model draws on information from Microsoft Sentinel and Microsoft Defender, but acquisitions such as those of RiskIQ and Miburo should also help with the model. Microsoft says it uses 65 trillion daily signals collected as part of threat intelligence.
The tool looks like a simple window of a regular chatbot where employees can ask, among other things, what all security incidents are within the company, after which the bot displays them in summary. It is therefore primarily intended as a tool that should assist employees rather than replace them.
Security Copilot is currently only available as a private preview and can only be used by a few companies for the time being. It is not yet known when the tool will become more widely available.