Microsoft recommends these 5 ways to use AI Copilot for cyber defence

Microsoft is integrating Copilot into many of its security products, making it easier for IT professionals to manage their organisation's cybersecurity.

Nishita Gupta
Nishita Gupta January 11, 2024
Updated 2024/02/01 at 2:31 PM

Microsoft Security Copilot is the company’s first generative AI security product that aims to go beyond traditional security operations to change incident response, risk assessment, and identity troubleshooting for security teams. Here are 5 ways the company recommends you use the product for your cyber defence strategy.


Copilot for device management


IT administrators are faced with handling the critical security role of managing devices in an evolving device landscape with rising IT complexity and risk of app and policy misconfiguration. Copilot is integrated to Microsoft Intune and can help generate policies, analyse drafts, and provide “what-if” analysis that can raise any potential security and productivity risks.


Copilot for identity management


Over the last year, password-based attacks have risen rapidly and some new attack techniques can circumvent multifactor authentication. Security Copilot also integrates with Microsoft Entra to help investigate identity risks and to troubleshoot daily identity tasks like why a sign-in will require multifactor authentication or why a user’s risk level increased.

Copilot for data security


Security Copilot is integrated into Microsoft Purview to summarise data security and compliance capabilities while making sense of many different types of data. It can be used to accelerate investigations and response times while allowing analysts at all levels to complete complex tasks with the help of AI.


Security copilot for the cloud

As more and more companies depend on cloud resources, maintaining strong cloud security is an important challenge for cybersecurity teams. Security Copilot and Microsoft Defender for Cloud integrated can be used by security admins to identify critical risks, learning about sensitive data and its lateral movement.


Copilot for attack surface management


Security teams could find tracking assets and their vulnerabilities time-consuming especially when it comes to determining which assets pose risk to the organisation. Microsoft Defender External Attack Surface Management has new capabilities that will give security teams an eye into their external attack surface.


For more such content, keep reading @techinnews

Share this Article