Blog Post

Azure Network Security Blog
2 MIN READ

Azure Firewall integration in Security Copilot: protect networks at machine speed with gen AI

abhinavsriram's avatar
abhinavsriram
Icon for Microsoft rankMicrosoft
May 21, 2024

Today, at Microsoft Build, we are excited to announce the availability of the Azure Firewall integration in Security Copilot. It helps analysts perform detailed investigations of the malicious traffic intercepted by the IDPS feature of their firewalls across their entire fleet using natural language questions in the Security Copilot portal.

How Security Copilot works with the Azure Firewall plugin

Azure Firewall is a cloud-native and intelligent network firewall security service that provides best of breed threat protection for your cloud workloads running in Azure. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. In this blog we will walk through the newly announced Azure Firewall integration in Security Copilot.

The Azure Firewall plugin enabled in the Security Copilot portal

These capabilities were announced at RSA. Take a look at this blog to learn more about the user journey and value that Copilot can deliver: Bringing generative AI to Azure network security with new Microsoft Copilot integrations. There are four primary capabilities now in preview which are outlined below.

Get top IDPS signature hits

This capability retrieves the top IDPS signature hits for an Azure Firewall. It helps the user get information about the traffic intercepted by the IDPS feature by simply asking natural language questions instead of the user having to construct KQL queries manually.

Get details on an IDPS signature

This capability enriches the threat profile of an IDPS signature beyond the information found in logs. It helps the user get additional details about an IDPS signature instead of requiring them to manually source this information.

Search across firewalls for an IDPS signature

This capability looks for a given IDPS signature across your tenant, subscription or resource group. It helps users perform a fleet-wide search (over any scope) for a threat across all their Firewalls instead of searching for the threat manually.

Secure your environment using IDPS

This capability generates recommendations to secure your environment using Azure Firewall’s IDPS feature. It helps users get information from documentation about using Azure Firewall’s IDPS feature to secure their environment instead of having to look up this information manually.

Get started

Learn more in our documentation about these capabilities and how to access them today!

Updated Nov 19, 2024
Version 5.0
No CommentsBe the first to comment