Based on our previous blog on the Top 10 Cybersecurity Best Practices, we discussed that over the past year, the "average time it took for attackers to gain access to networks" went from 84 minutes in 2022 to 62 minutes in 2023, with the quickest recorded breakout occurring in just 2 minutes and 7 seconds currently. This can highlight the need for a system that is not driven just by human interactions or basic statis analysis of machine. To combat and protect your network now, there is a need for AI driven alerting and analysis.
There are multiple solutions in the market currently. In this blog, we cover the recent Microsoft Security Copilot. This also helps address the gap that exists in the knowledge of the Information Security teams and helping them make more accurate/timely decisions.
How it works
Microsoft Security Copilot currently is the only AI offering that merges a dedicated large language model (LLM) with Microsoft's unique security-focused features. It is enhanced with an expanding array of security skills, which are shaped by Microsoft's exclusive access to worldwide threat intelligence and insights from over 65 trillion signals each day.
It works with other Microsoft security products such as Defender XDR, Sentinel, Intune, and Defender Threat Intelligence. It uses the data and signals from these other products to generate guidance. All threat intelligence data from Microsoft Defender Threat Intelligence (MDTI) powers Security Copilot – at no extra cost. Security Copilot will include MDTI access via API, MDTI Workbench and MDTI analyst seats (same number as Security Copilot seats) at no extra cost.
Availability
Currently Microsoft Security Copilot is available as an Early Access Program (EAP). You can be a part of this program, you can apply using the Microsoft Security Copilot Early Access Program Community Opt-in Form.
Kommentare