Microsoft is quickly integrating AI technology in its various services with the Copilot toolkit.
After introducing the AI-based Copilot assistant in its Office suite, the company is now focusing on cybersecurity. Security Copilot is Microsoft’s new assistant for cybersecurity professionals, designed to identify and address security vulnerabilities and better understand the values of daily big data.
Security Copilot uses OpenAI’s GPT-4 generative AI to understand Microsoft’s specific security model and, like any other chatbot, has a simple box-like user interface. You can ask this assistant questions such as: ‘Tell me about all of my company’s security events,’ and then receive a summary of the corresponding report. Of course, Security Copilot uses the 65 trillion daily signals that Microsoft collects about security and specific threats in the background of this chatbot. This feature allows security specialists to identify and track threats with greater accuracy.
Microsoft has developed Security Copilot to assist security analysts, not to replace them. This assistant even has a feature called Pinboard for sharing information for collaboration. Security experts can use this tool to help investigate events, summarize events quickly, and assist in reporting security issues.
The Security Copilot assistant understands natural language inputs, so security experts can provide a summary of a specific vulnerability in the URL, file, or code snippet they are interested in and then request analysis or information related to the event and its alert. All requests and responses are stored in this assistant, providing a clear and precise path for investigators.
Users can pin the results provided by Security Copilot in a collaborative workspace or take advantage of its summary. This way, other colleagues can continue their work based on the same analysis and review. ‘Chang Kawaguchi,’ AI Security Architect at Microsoft, said in an interview with The Verge: ‘This tool is like having a separate workspace for researchers and a shared notebook with items you’re working on.’
One of the most interesting aspects of Security Copilot is that it provides a set of stages or automations. This feature can be used for reverse engineering a script, including notification, so that security researchers do not have to wait for such analysis to finish in their own team. You can even use this assistant to create a PowerPoint slide containing information on security events and related charts.
When security researchers request information about the latest vulnerabilities from Security Copilot, such as the newest Microsoft Bing, the results will be displayed to them clearly. Technology giant Redmond uses information from the cybersecurity agency and infrastructure security, the vulnerability database of the National Institute of Standards and Technology, and its own threat information database.
Of course, this does not mean that Security Copilot always works correctly. ‘Kawaguchi’ says: ‘We know that sometimes these models make mistakes, so we use feedback. The feedback loop has much more value than just liking or disliking Bing’s new responses. This security tool is a bit more complicated because of its nature, the likelihood of making a mistake in it will be higher.’
‘Kawaguchi’ said in another section of his explanation: ‘I don’t think anyone can bring the illusion and wrong answers of AI chatbots to zero level, but we are trying to make sure that understanding and validating responses is possible by users through things like declaring resources used and basing them on relevant user data. ‘
While Security Copilot may seem like other AI-based chatbots, it is limited to only security-related queries. For example, you cannot use this tool to get the latest information about the weather in your city or ask this assistant about its favorite color.
Security Copilot is Microsoft’s latest big attempt to use AI. The company has introduced Copilot 365 for the Office suite and expanded the use of Copilot on the GitHub platform to help developers build code. Currently, there is no sign of Microsoft slowing down in providing Copilot AI assistants in its various products and services, so we will probably see the presentation of this technology again in other software and services in the near future.
Currently, the new Security Copilot tool is available to a few select Microsoft customers, and according to Kawaguchi, there is no specific timeline for its public release. The company intends to first test this new security assistant with a smaller group of users and once any potential issues have been resolved, make it widely available to everyone.