Microsoft is broadening its Security Copilot service with the addition of new AI agents, designed to aid IT teams facing an escalating number of security threats. The company is incorporating 11 agents, including six developed by Microsoft and five from its partners, as part of an April preview for Security Copilot.
Launched a year ago, the generative AI-powered Security Copilot operates on a consumption-based model, costing $4 per hour. The service aims to improve security outcomes efficiently, leveraging natural language models. It can function independently or integrate with other products within the Microsoft Security suite, such as Microsoft Defender XDR, Microsoft Sentinel, Microsoft Intune, Microsoft Entra, and third-party services like Red Canary and Jamf.
The new agents will assist teams in managing the constantly evolving threats they encounter. Microsoft stated that these agents are specifically designed for security tasks, capable of adapting and learning from feedback across various workloads. Furthermore, all 11 agents adhere to the tech giant’s Zero Trust framework.
“This is just the beginning; our security AI research is pushing the boundaries of innovation, and we are eager to continuously bring even greater value to our customers at the speed of AI,” said Alexander Stojanovic, VP of Microsoft Security AI Applied Research, in a blog post.
These agents will introduce security “Triages” to different products. For example, the ‘Phishing Triage’ agent within Microsoft Defender will provide alerts and simplified explanations for its decisions. Certain agents will also facilitate optimizations. The ‘Conditional Access Optimization Agent,’ for instance, deployed in Microsoft Entra, will monitor new users or applications not covered by existing policies. It will help identify the need for updates and security gaps, recommending quick fixes. Other agents will handle security information, such as the Threat Intelligence Briefing agent and the Vulnerability Remediation agent.
