The Microsoft Security Copilot Early Access Program is an invite-only paid preview program of Microsoft’s new security Copilot assistant, and yesterday Microsoft released the public documentation on Microsoft Learn.
Security Copilot is built using the OpenAI architecture and, based on the demos I’ve seen, shows tremendous promise in its ability to help analysts analyse incidents and alerts arising from Microsoft security products such as Microsoft 365 Defender and Microsoft Sentinel.
If, like me, you are dying to get your hands dirty with Microsoft Security Copilot, then unless you are one of the lucky few, reading through the documentation may be the closest thing to being able to experience it at this stage.
Particularly interesting are the two sample use cases that take you through the process of using Security Copilot:
- Triage incidents with enriched threat intelligence | Microsoft Learn
- Investigate an incident’s malicious script | Microsoft Learn
They give you a good insight into how an analyst can be assisted in an investigation by Copilot.
Have a read and let me know what you think below.