When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft announces several new AI agents for Security Copilot

Neowin · with 0 comments

Microsoft Security Copilot Agents

Last year, Microsoft launched Microsoft Security Copilot, a new Copilot service that allows IT admins to type in text prompts to identify and resolve security issues. Today, Microsoft announced a new update that will take Security Copilot to the next level. The new AI agents in Security Copilot will autonomously assist IT admins with phishing protection, data security, and identity management.

Microsoft Security Copilot will feature six security agents from Microsoft and five from its partners. These agents will be available for preview in April 2025. Let's take a look at them below:

  • Phishing Triage Agent in Microsoft Defender will help in triaging phishing alerts with accuracy to identify real threats and false alarms.
  • Alert Triage Agents in Microsoft Purview will help in triaging data loss prevention and insider risk alerts. It can prioritize critical incidents and can improve accuracy based on admin feedback.
  • Conditional Access Optimization Agent in Microsoft Entra will help in tracking new users or apps that are not under existing policies. It can find security gaps and recommend quick fixes.
  • Vulnerability Remediation Agent in Microsoft Intune will help in monitoring and prioritizing vulnerabilities and remediation related to app and policy configuration issues.
  • Threat Intelligence Briefing Agent in Security Copilot will help in surfacing relevant and timely threat intelligence based on an organization's unique attributes and threat exposure.

By taking advantage of Microsoft’s open platform, Microsoft's partners are also bringing the following new AI agents:

  • Privacy Breach Response Agent by OneTrust analyzes data breaches to generate guidance for the privacy team on how to meet regulatory requirements.
  • Network Supervisor Agent by Aviatrix performs root cause analysis and summarizes issues related to VPN, gateway, or Site2Cloud connection outages and failures.
  • SecOps Tooling Agent by BlueVoyant assesses a security operations center (SOC) and state of controls to make recommendations that help optimize security operations and improve controls, efficacy, and compliance.
  • Alert Triage Agent by Tanium provides analysts with the necessary context to quickly and confidently make decisions on each alert.
  • Task Optimizer Agent by Fletch helps organizations forecast and prioritize the most critical cyberthreat alerts to reduce alert fatigue and improve security.

Check out the video below to learn how these new security agents work:

These new AI security agents from Microsoft and its partners will reduce manual workloads for IT and security teams. Also, they will significantly improve the operational effectiveness and security posture of enterprise organizations.

Report a problem with article
sam altman
Next Article

OpenAI announces leadership changes, with Altman deepening product involvement

Outlook logo
Previous Article

Microsoft begins default-deploying New Outlook for Windows on Microsoft 365

Join the conversation!

Login or Sign Up to read and post a comment.

0 Comments - Add comment