Microsoft’s ‘Security Copilot’ Unleashes ChatGPT on Breaches

Date:

Share:


Jakkal says that while machine learning security tools have been effective in specific domains, like monitoring email or activity on individual devices—known as endpoint security—Security Copilot brings all of those separate streams together and extrapolates a bigger picture. “With Security Copilot you can catch what others may have missed because it forms that connective tissue,” she says.

Security Copilot is largely powered by OpenAI’s ChatGPT-4, but Microsoft emphasizes that it also integrates a proprietary Microsoft security-specific model. The system tracks everything that’s done during an investigation. The resulting record can be audited, and the materials it produces for distribution can all be edited for accuracy and clarity. If something Copilot is suggesting during an investigation is wrong or irrelevant, users can click the “Off Target” button to further train the system.

The platform offers access controls so certain colleagues can be shared on particular projects and not others, which is especially important for investigating possible insider threats. And Security Copilot allows for a sort of backstop for 24/7 monitoring. That way, even if someone with a specific skillset isn’t working on a given shift or a given day, the system can offer basic analysis and suggestions to help plug gaps. For example, if a team wants to quickly analyze a script or software binary that may be malicious, Security Copilot can start that work and contextualize how the software has been behaving and what its goals may be.

Microsoft emphasizes that customer data is not shared with others and is “not used to train or enrich foundation AI models.” Microsoft does pride itself, though, on using “65 trillion daily signals” from its massive customer base around the world to inform its threat detection and defense products. But Jakkal and her colleague, Chang Kawaguchi, Microsoft’s vice president and AI security architect, emphasize that Security Copilot is subject to the same data-sharing restrictions and regulations as any of the security products it integrates with. So if you already use Microsoft Sentinel or Defender, Security Copilot must comply with the privacy policies of those services.

Kawaguchi says that Security Copilot has been built to be as flexible and open-ended as possible, and that customer reactions will inform future feature additions and improvements. The system’s usefulness will ultimately come down to how insightful and accurate it can be about each customer’s network and the threats they face. But Kawaguchi says that the most important thing is for defenders to start benefiting from generative AI as quickly as possible.

As he puts it: “We need to equip defenders with AI given that attackers are going to use it regardless of what we do.”



Source link

━ more like this

3 great Hulu movies you need to stream this weekend (January 24-26)

Table of Contents Table of Contents A Real Pain (2024) The Rock (1996) Untitled Amy Adams Werewolf Adjacent Movie (2024) The end of the month is almost always...

How to watch Super Bowl 2025

Table of Contents Table of Contents Who’s playing in Super Bowl LIX? What time is the Super Bowl? Is Super Bowl LIX in 4K and HDR? How to...

The OnePlus 13 has ruined Android phones for me

Table of Contents Table of Contents Why so long? Fantastic hardware It’s a hard act to follow The Samsung Galaxy S25 Ultra is going to be my primary...

Sony’s WH-1000XM6 might be announced before the end of summer

It’s been almost three years since Sony announced the WH-1000XM5 — its current flagship wireless headphones. And if a recently uncovered Federal Communications...

Hubble snaps another gorgeous image of the Tarantula Nebula

This gorgeous new image from the Hubble Space Telescope shows a bustling nearby star forming region called the Tarantula Nebula. Given its name...
spot_img