Microsoft Unveils OpenAI-Powered Security Copilot: 5 Things To Know

The new product for cybersecurity professionals uses generative AI from the latest version of OpenAI’s large language model, GPT-4, along with ‘a security-specific model from Microsoft,’ the company said Tuesday.

AI-Powered Security

For months now, cybersecurity experts have pointed to the idea of generative AI to thwart cyberattacks as among the most promising uses for the technology in the IT sphere. On Tuesday, Microsoft made clear that it’s aiming to make that idea into reality, with the unveiling of Microsoft Security Copilot. The new product for cybersecurity professionals uses generative AI from GPT-4, the latest version of the OpenAI large language model that is available in applications such as the massively popular ChatGPT chatbot.

[Related: Microsoft-Backed ChatGPT Surges, But ‘Don’t Underestimate’ Apple, Google]

Microsoft Security Copilot tailors the generative AI technology toward cybersecurity by combining GPT-4 with Microsoft’s own security-focused AI model. A number of security vendors have already utilized OpenAI technology, or in some cases their own large language models, in their products. But the move to do so by one of the industry’s biggest vendors will likely prove to be an accelerant for advancing the concept.

Microsoft Security Copilot arrives as the company — a major backer of OpenAI — looks to build on the surge of interest around generative AI following the release of OpenAI’s ChatGPT chatbot and DALL-E 2 image generator last year. The applications and the growing interest around generative AI technology have led to “a wave of innovation,” wrote Vasu Jakkal, corporate vice president for security, compliance, identity and management at Microsoft, in a blog post. “We are ready for a paradigm shift and taking a massive leap forward by combining Microsoft’s leading security technologies with the latest advancements in AI.”

The launch, which is taking place in connection with the Microsoft Secure online event, follows announcements about the addition of OpenAI technology into other Microsoft products via a “Copilot” approach — including the recent announcement of Microsoft 365 Copilot for applications such as Teams and Word.

What follows are five key things to know about Microsoft Security Copilot.

Generative AI For Cybersecurity

Microsoft Security Copilot is “shaped by the power of OpenAI’s GPT-4 generative AI,” Jakkal wrote in the post. Crucially, however, the product combines the large language model “with a security-specific model from Microsoft” to make it more relevant to the needs of cybersecurity professionals, according to Jakkal. This model “incorporates a growing set of security-specific skills” and leverages the trillions of security signals gathered as part of Microsoft’s threat intelligence operation, she wrote. (Security Copilot also provides “an enterprise-grade security and privacy-compliant experience as it runs on Azure’s hyperscale infrastructure,” Jakkal noted.)

Ultimately, “Microsoft Security Copilot is the first security product to enable defenders to move at the speed and scale of AI,” she wrote in the post.

Benefits For Security Pros

Microsoft Security Copilot will feature a prompt-based user interface akin to generative AI chatbots such as ChatGPT. When a cybersecurity professional gives a prompt to the application, the response will leverage Microsoft’s security-focused AI model “to deploy skills and queries” that are relevant to the prompt, Jakkal (pictured) wrote in the blog.

“This is unique to a security use-case,” she wrote. “Our cyber-trained model adds a learning system to create and tune new skills. Security Copilot then can help catch what other approaches might miss and augment an analyst’s work. In a typical incident, this boost translates into gains in the quality of detection, speed of response and ability to strengthen security posture.”

Expedited Responses

Among the big advantages of Security Copilot for cybersecurity teams is to help with accelerating responses to potential attacks. Using the tool, “defenders can respond to security incidents within minutes instead of hours or days,” Jakkal wrote in the blog post.

Security Copilot provides users with “critical step-by-step guidance and context through a natural language-based investigation experience that accelerates incident investigation and response,” she wrote. “The ability to quickly summarize any process or event and tune reporting to suit a desired audience frees defenders to focus on the most pressing work.”

A GIF animation of the Security Copilot interface viewed by CRN shows a main chat window with a text prompt box that suggests the user “ask anything about security.” A panel on the right side of the interface displays information about an alert on a compromised account and device, featuring a summary of the alert, recommended steps to take and more details about the attack itself.

Spotting Threats

Another major advantage of using generative AI for cyberdefense with Security Copilot is that it can assist with uncovering threats within the overwhelming quantity of data generated by modern IT tools. With the generative AI technology, “defenders can now discover malicious behavior

and threat signals that could otherwise go undetected,” Jakkal wrote in the blog. Security Copilot “surfaces prioritized threats in real time and anticipates a threat actor’s next move with continuous reasoning based on Microsoft’s global threat intelligence.”

Security analyst skills that will be baked into Security Copilot include incident response, threat hunting and vulnerability management, according to Jakkal.

Meanwhile, like chatbots such as ChatGPT, Security Copilot is also being touted as a tool for increasing the knowledge of cybersecurity professionals. The tool “boosts your defenders’ skills with its ability to answer security-related questions,” she wrote.


A private preview is now underway for Microsoft Security Copilot, the company said. Estimates on general availability for the product aren’t being provided by Microsoft yet. “We look forward to sharing more soon,” Jakkal wrote in the post.

Not surprisingly, the product will also be embedded into products within Microsoft’s broad security portfolio. “Security Copilot also integrates with the end-to-end Microsoft Security products, and over time it will expand to a growing ecosystem of third-party products,” Jakkal wrote.

Ultimately, Security Copilot will help with “taking the agility advantage back to defenders by combining Microsoft leading security technologies with the latest advancements in AI,” she wrote.