MICROSOFT SECURITY COPILOT: AI TOOL FOR SECURITY DEFENDERS

Microsoft announced on the 28th of March 2023, that they are introducing Microsoft security co-pilot, a tool powered at the speed of A.I (Artificial intelligence), to support the defender’s team in cybersecurity.

  The concept and path for such tool was based on the odds against cybersecurity professionals, considering the fight with their adversaries (The hackers) quite a difficult one as a result of the attackers having an edge over them.

Microsoft announced that the tool is to aid cybersecurity experts to protect their organizations, assisting defenders to quickly respond to threats hidden among noise. They further more discussed about the shortage of skills estimated to be over 3.4 million vacancies siting the ISC2 cybersecurity workforce study.

Furthermore, according to the fortune 500 company, they stated that their motivation was as a result of the volume and velocity of attacks that continually occurs, and they are keen to continuously create new technologies that can give the defenders an edge against the attackers. They said considering that “security professionals experience scarcity, and they must empower them to disrupt the attackers traditional advantages, and drive innovation for their organization.” -Vasu Jakkal (corporate vice president).

The past few months have been a shift in the technology innovation as the world has witnessed the involvement of A.I in an advance manner towards new technologies and innovations.  The corporate vice president announced that they are ready for the paradigm shift and taking the bold step to combine Microsoft leading technology with the current advancement of A.I.

He said,  “ Today at our inaugural Microsoft Secure Event I am delighted to welcome you to the new era of security shaped by the power of OpenAI’s GPT-4 generative AI and thrilled to introduce to you Microsoft Security Copilot."

MICROSOFT SECURITY COPILOT AN END-TO-END MACHINE THAT SUPPORTS THE DEFENSE SECURITY TEAM AT THE SPEED OF A.I:

The announcement further buttresses the fact that this is the first security product by Microsoft that enables defenders to move at the speed and scale of A.I. Microsoft states that Security Copilot has a combination of advanced Large Language Model (LLM), with a security-specific model owned by Microsoft.

The security-specific model in turn encompasses a growing set of security-skills that are specific, which in turn is informed by Microsoft’s unique global threat intelligence and has over 65-trillion signals daily (that is a lot of 0’s). The security Copilot also has the ability to deliver an enterprise-grade security and as well ensures that it is privacy-compliant and runs on Microsoft Azure’s hyperscale infrastructure.

If a security professional sends a prompt to Copilot, the Copilot utilizes the full power of the model that is security-specific to deploy the skills and queries that maximize the value of the latest large language model capabilities. It is stated that the cyber-trained models add a learning system to create and tune new skills, and the security copilot, what other methods that were missing and supports an analyst in carrying out their work. Security copilot will be able to learn from users and as well users are able to give feedback with the inbuilt feedback feature, this concept is attributed to a closed-loop learning system.

The Security copilot is able to integrate end-to-end Microsoft security products, and subsequently will expand into an ecosystem of third-party products, allowing cybersecurity professionals as well as organizations to defend at full speed.  The company further quotes “Your data is always your data and stays within your control. It is not used to train the foundation AI models, and in fact, it is protected by the most comprehensive enterprise compliance and security controls.” The tool supports real time interaction sharing between team members to speed up incident response, effective collaboration on complex problems and develop effective skills collectively.

SECURITY CO-PILOT AS A TOOL THAT WILL ELEVATE HUMAN STRENGTHS:

Microsoft soft stated in order to deliver a great experience, security co-pilot is built upon three principles:

  1. A Simplified Complex: As in providing security for an organization time is of essence, that security copilot will enable security defenders to respond to incidence within minutes compared to the era that it takes hours or even days to be able to solve a security breach. It will deliver critical issues adopting a step-by-step lead and context through a natural language-based investigation. It will accelerate incident investigation and response and as well give a summary of all processes and make a clean report that is understandable by executive or audience, thereby giving defenders more time to focus on other pressing issues.
  1. Capturing what others miss: It is known that cyber-criminals conduct their attack hiding behind noisy systems and weak signals, with the aid of security copilot, security defenders can be able to detect malicious behaviour and threat signals which might have gone undetected. It sets priority to threats in real time, and be able to predict a threat actor next action employing continuous reasoning that is based on Microsoft global threat intelligence. The A.I tool comes with skills that has a characteristics and expertise of security analysts in areas with respect to incidence response, threat hunting, and vulnerability management.
  1. Ability to Address Talent Gap: Considering the limitation due to team members size, as the human limitations when it comes to focusing, security copilot will boost organizations defenders’ skills with the ability of providing answers with regards to questions that are related to security. It will learn from users, and adopt enterprise preference while providing the possible best line of action to defenders on how to achieve best secure outcomes. The tool will also aid new team members as it will expose them to new skills and approach as they develop, assisting team members to accomplish more with less time, and operate on a bigger enterprise.

Image 01 Query Screen of Security co-pilot

Image 02 

The advancement of A.I is a problem that bothers everyone with regards to how data is treated, Microsoft in their commitment to show how data is being handled, gave a few points.

Image 03

Image 04

Image 05

  1. Your data is your data: Users of this tool are free and have full control of how their data is being processed and handled. They have the ability to decide on whether to monetize it or not.
  1. User’s data is not used to train or enrich foundation AI models: Users of an organization are the only ones to benefit from the data trained by the AI for their business processes, and nobody else outside the organization can benefit from such.
  1. User’s data and AI models are protected at every step: From processing your data down to the AI models, Microsoft guarantees adequate protection as the AI is run by the most comprehensive enterprise compliance and security controls.

 

 

 

Put your comments below in the comment section on your thoughts about this.

Find this article and information helpful? Show some love and support  “Click-Here”
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments