Answer:

The rules and policies will be very similar, but we have the ability to determine is this a sperate identity or other things to customize your experiences and policies to set guardrails for each of them. We divide agents into agents that assist and agents that are autonomous which we call user agents. They are all AI agents so they are treated as such but if they are being on behalf of the user, external customer, or the broader organization will determine their access.

Answer: 

We treat agents as first-class citizens within the organization, and we are tuning all of our capabilities to recognize AI agents as such. We are including checks on the agents and making sure that we have guard rails on access and giving them their own set of permissions and policies just as we would with human users.

Answer:

We have benchmarks in relation to phishing trials not specifically for compliance. On the phishing trial side, we have seen up to a 60% improvement in productivity

Answer:

First, we recommend you turn on some of your auditing capabilities to know what's going on and then activate the quick template to understand what is being shared with your application and how much data. This runs quickly and gives you an analysis of the amount of data that is sensitive and what are the permissions of the data. This is what we call oversharing reports giving you just-in-time detection of sensitive data as it goes into AI or from AI allowing for this data to be blocked through Data Loss Prevention or audited. 

Answer:

The Product Management team is a great start to strengthen and understand what connections need to be made and will be the focal point for all orchestration. 

Answer:

There is no integration between Security Copilot and GitHub. Security Copilot uses its own orchestration engine within the product.

Answer:

We capture everything by default, but you can consent or not to capture everything giving configurability and flexibility to administrators by default to decide to capture or take action.

After this you can make decisions based on your role and outcomes which is also available in the experience.

Answer: 

We log who is prompting and who is asking the question and other key questions. We call this audit of activity telemetry that's captured end to end throughout the lifecycle AI agent. Anything that the agent interacts with or anything that interacts with the agent including tools and knowledge sources, that activity is captured and available for proof of compliance depending on what is needed and this is the bedrock for all of our investigations.

After this, the responses of the content itself which is passed to the agent or the response of the agent is based on the configurations of your tenant as an admin where you can store things by default. 

All of this enriches the metadata available to data security administrators, analysts, and others who need it and can use this to say make decisions on agent risk during investigations and further analysis.

Follow-up question:
If a user submits a prompt requesting access to sensitive content, such as documents from the CEO’s mailbox, where is that prompt logged, and which service allows security teams to view or investigate that activity?