Partner Crucible

This project aims to serve as an entry point into the wealth of information and services available to Canadian Microsoft partners. The Partner Crucible will curate links, models, and insights to ensure our partners have an overview and a quick path forward.

Security Solution Area - Copilot for Security

Sentinel

Purpose

A collection of resources for Microsoft practice building in the Security solution area and Copilot for Security. For a view of other solution areas, please see the Taxonomy.

To contribute to the Partner Crucible, see the Contributor’s Guide.

Industry Perspective

| Source | Description | Notes |
| --- | --- | --- |
| Microsoft Copilot for Security | March 13th Announcement: Microsoft Copilot for Security is generally available on April 1, 2024, with new capabilities | Blog |
| Randomized Controlled Trial for Copilot for Security | We conducted randomized controlled trials (RCTs) to measure the efficiency gains from using Copilot for Security, including speed and quality improvements. External experimental subjects logged into a Microsoft Defender XDR (Defender XDR) environment created for this experiment and performed four tasks: Incident Summarization, Script Analysis, Incident Report, and Guided Response. | Whitepaper |
| Applied GAI in Security | @BrandonDixon - This newsletter serves as a place to document ideas, share opinions and inspire others to explore what this technology can bring to our field | Blog |

Community

| Source | Description | Notes |
| --- | --- | --- |
| Microsoft Cloud Security Public Webinars | Public Webinar Schedule | Form |
| Copilot for Security Customer Connection Program (CCP) | Community Connected Program for Copilot for Security | Microsoft Community |
| Cybersecurity Copilot hub | By @Sameh Younis - As a seasoned Senior Security Solutions Architect with over 30 years in the field, including 16 years at Microsoft, this website offers a succinct way to access and search my LinkedIn articles and infographics. With a focus on cybersecurity and Azure cloud infrastructure, this platform is your guide to the latest developments and strategies in digital security. | |

Partner Practice Building

| Source | Description | Notes |
| --- | --- | --- |
| Copilot for Security Partner Playbook | Includes a solution overview, partner strategic insights, and partner resources | Transform |
| Copilot for Security Practice Building | Define your strategy, develop your skills, operationalize and go to market | Transform |
| Microsoft Copilot for Security Customer Pitch Deck | Microsoft Copilot for Security: Protect at the speed and scale of AI | Transform |
| Microsoft Copilot for Security: An introductory deep dive for MSSPs | An introductory deep dive for MSSPs | Transform |
| Microsoft Copilot for Security Frequently Asked Questions | FAQ | Microsoft Learn |
| Discover, protect, and govern AI usage with Microsoft Security | Microsoft Security helps you discover, protect, and govern the use of both Copilot for Microsoft 365 and other third-party AI applications | Tech Community |

Tech Resources

| Source | Description | Notes |
| --- | --- | --- |
| Microsoft Copilot For Security Repo | GitHub Repo including customer guides, promptbook samples, plugins, and logic apps | GitHub |
| Copilot for Security Technical Resources | Topic page devoted to Microsoft Copilot for Security | MS US Partner Resources |
| What is Microsoft Security Copilot | Microsoft Security Copilot (Security Copilot) is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles. | Microsoft Learn |
| Operationalizing Microsoft Security Copilot to Reinvent SOC Productivity | While our core products detect and respond at machine speed, our ongoing mission is to upskill SOC analysts and empower them to be more efficient where they’re needed to engage. To bridge this gap, we are bringing Security Copilot into our industry-leading XDR platform, Microsoft 365 Defender, which is like adding the ultimate expert SOC analyst to your team, both raising the skill bar and increasing efficiency and autonomy | Tech Community |
| Prompting and promptbooks | Promptbooks are a collection of prompts that have been put together to accomplish specific security-related tasks. Each promptbook requires a specific input (for example, a code snippet or a threat actor name) and then runs a series of prompts in sequence, with one prompt building on the one before it. | Microsoft Learn |
| Triage alerts | Triage incidents based on enrichment from threat intelligence | Microsoft Learn |
| Integration & Investigate in #M365D | Investigate an incident and associated suspicious entities | Microsoft Learn |
| Privacy and data security | Privacy and data security in Microsoft Security Copilot | Microsoft Learn |
| FAQ | Microsoft Security Copilot Early Access Program Frequently Asked Questions | Microsoft Learn |
| Microsoft Copilot for Security Sample Prompts Library | A variety of examples to demonstrate how prompts can be used to achieve different security tasks. Our examples showcase how specific prompts can be utilized to perform a range of tasks. This is a collaborative page where people can learn from the examples and contribute their own. | GitHub |
| Microsoft Copilot For Security Resources | Collection of references by @iamjoeycruz | GitHub |
| Microsoft Copilot for Security - Playlist | Microsoft Copilot for Security playlist from Microsoft Security | YouTube |

Integration

| Source | Description | Notes |
| --- | --- | --- |
| Microsoft Copilot for Security Technical Announcement | General Availability details | Tech Community |
| Microsoft Defender External Attack Surface Management | Enhanced Defender EASM functionality in Microsoft Copilot for Security | Tech Community |
| Microsoft Intune in Copilot for Security | Copilot in Intune provides AI powered insights that are tailored for organizational needs, such as quickly resolving end user issues and ensuring policies and settings are configured to optimize business outcomes safely. | Microsoft Intune blog |
| Microsoft Purview in Copilot for Security | Purview capabilities will be generally available as of April 1st, to help SOC teams identify risky user activities and sensitive data that could be at risk when investigating a security incident. | Tech Community |
| Microsoft Entra skills in Copilot for Security | The following new Microsoft Entra skills will be available in the standalone Copilot for Security experience: User Details, Group Details, Sign-in Logs, Audit Logs, and Diagnostic Logs. User Risk Investigation, a skill embedded in Microsoft Entra, will also be available in public preview. | Tech Community |
| Defender XDR in Copilot for Security | Copilot for Security with Microsoft Defender Threat Intelligence and Threat Analytics in the Defender portal to tap into high-fidelity threat intelligence on threat actors, tooling and infrastructure and easily discover and summarize recommendations specific to your environment’s risk profile, all using natural language | Tech Community |
| MDTI in Copilot for Security | What’s New at Microsoft Secure 2024 | Microsoft Community Hub |

Plugins

| Source | Description | Notes |
| --- | --- | --- |
| Extensibility Framework | The Copilot for Security platform enables developers and users to write plugins that can be invoked to perform specialized tasks. | Microsoft Learn |
| Plugins | Manage plugins in Microsoft Security Copilot: Entra, #Intune, #M365Defender, #Sentinel, #DefenderThreatIntelligence, #ServiceNow, #NaturalLanguageToKQL | Microsoft Learn |
| plugins for Microsoft Copilot for Security | Microsoft Copilot for Security supports many plugins, including Microsoft and non-Microsoft plugins. This article describes several examples of non-Microsoft plugins you can use with Copilot for Security. Each plugin has a specific function. Some, but not all, require additional authentication to configure integration with Copilot for Security. | Microsoft Learn |