Event banner

Copilot for Security: Customize your Copilot

Event Ended
Wednesday, Apr 03, 2024, 07:00 AM PDT
Online

Event details

Explore some of the latest ways to customize Microsoft Copilot for Security for your team. Now generally available, Copilot is the generative AI-powered assistant for daily security operations, and it is more effective when integrated with your workflows. We'll start with a deep dive and walk you through creating custom promptbooks, adding your organization's knowledge bases, and using logic apps to write back updates to your tools. We'll then transition into Ask Microsoft Anything (AMA) so post your questions early and often!

 

This session is part of the Microsoft Secure Tech Accelerator. Add it to your calendar, RSVP for event reminders, and post your questions and comments below! This session will also be recorded and available on demand shortly after conclusion of the live event.
Heather_Poulsen
Updated Dec 27, 2024
AMA
Tech Accelerator

94 Comments

Sort By
Show More
  • Yusuf_Buhari's avatar
    Yusuf_Buhari
    MCT
    Apr 03, 2024
    Do I need kql query plugin if I don't have any queries already stored in my environment?
    • Char_Cheesman's avatar
      Char_Cheesman
      Bronze Contributor
      Apr 03, 2024

      Thanks for participating in Copilot for Security: Customize your Copilot! For reference, the panel covered this topic at around 22:30.

  • Fish_Tacos's avatar
    Fish_Tacos
    Brass Contributor
    Apr 03, 2024
    How does AI contribute to real-time security analytics and incident response? I notice that some logs are 10-60 minutes behind from being displayed on the incident and alert tabs. How long does it take for the AI to ingest and analyze the alerts if I am getting them delayed?
    • craigfreyman-msft's avatar
      craigfreyman-msft
      Icon for Microsoft rankMicrosoft
      Apr 03, 2024
      Copilot for Security can speed up the time it takes for a number of incident response workflows. Data can be returned in as little as a few seconds to a few minutes for more complex questions.
    • klavallee's avatar
      klavallee
      Former Employee
      Apr 03, 2024
      Hi Yusuf - no there is not an additional cost for adding Microsoft or third-party plugins.
    • MFilips's avatar
      MFilips
      Former Employee
      Apr 03, 2024
      Copilot for Security uses the latest LLMs as well as many other design elements in the Compound AI system. Copilot for Security brings in multiple rounds of grounding in security context and underlying plugins, as well as alignment to our responsible AI principles.
    • Char_Cheesman's avatar
      Char_Cheesman
      Bronze Contributor
      Apr 03, 2024

      Thanks for participating in Copilot for Security: Customize your Copilot! For reference, the panel covered this topic at around 30:15.

  • Fish_Tacos's avatar
    Fish_Tacos
    Brass Contributor
    Apr 03, 2024
    How do you bring in other Threat Intel like Greynoise into the AI?
    • MFilips's avatar
      MFilips
      Former Employee
      Apr 03, 2024
      3rd party plugins are how Copilot for Security interacts with external, non-Microsoft information. There are several that were just announced and many more in the in progress. Greynoise if one of them. You can view these which are in progress here: https://securitypartners.transform.microsoft.com/copilot-private-preview-partners
  • devjs's avatar
    devjs
    Copper Contributor
    Apr 03, 2024
    We have blocked OpenAI. Can Copilot be connected to Microsoft OpenAI in the Azure tenant?
    • MFilips's avatar
      MFilips
      Former Employee
      Apr 03, 2024
      Copilot for Security doesn't "connect" to OpenAI, and Copilot leverages language models via Microsoft Azure OpenAI service.
  • Heather_Poulsen's avatar
    Heather_Poulsen
    Icon for Community Manager rankCommunity Manager
    Apr 03, 2024

    Welcome to Copilot for Security: Customize your Copilot and the Microsoft Secure Tech Accelerator. Let's get started with the deep dive! Have questions? Post them below i the Comments and we'll answer in the AMA portion!

    • Fish_Tacos's avatar
      Fish_Tacos
      Brass Contributor
      Apr 03, 2024
      Does the AI for Security utilize the content it receives, such as prompts, answers, and tenant data, for training purposes?
      • Trevor_Rusher's avatar
        Trevor_Rusher
        Icon for Community Manager rankCommunity Manager
        Apr 03, 2024

        Hi there! Please post your questions in separate threads in this comment section to make it easier on our panel! Thank you.

    • Fish_Tacos's avatar
      Fish_Tacos
      Brass Contributor
      Apr 03, 2024
      How does AI contribute to real-time security analytics and incident response? I notice that some logs are 10-60 minutes behind from being displayed on the incident and alert tabs. How long does it take for the AI to ingest and analyze the alerts if I am getting them delayed?
      • Trevor_Rusher's avatar
        Trevor_Rusher
        Icon for Community Manager rankCommunity Manager
        Apr 03, 2024

        Hi there! Please post your questions in separate threads in this comment section to make it easier on our panel! Thank you.

  • Matthew Levy's avatar
    Matthew Levy
    MVP
    Apr 03, 2024
    I've set up CfS using the Microsoft Copilot for Security portal, but I can't find any Microsoft copilot for security compute resources in any of my Azure Subscriptions, how do I find it?
    • Matthew Levy's avatar
      Matthew Levy
      MVP
      Apr 03, 2024
      My question was addressed in the open AMA, but the question was not understood by the team. I am looking for the SCU that get's provisioned for running Copilot for security ($4/Hour) resource in Azure.
      • Char_Cheesman's avatar
        Char_Cheesman
        Bronze Contributor
        Apr 03, 2024

        Hi Matthew, thanks for asking your question! The panel covered it at around 20:55, and I'll also find someone to follow up this question too.

  • stevlars's avatar
    stevlars
    Copper Contributor
    Apr 02, 2024

    Please address FedRAMP authorization and the Customer Responsibility Matrix needed to run the product securely.

    • craigfreyman-msft's avatar
      craigfreyman-msft
      Icon for Microsoft rankMicrosoft
      Apr 03, 2024
      Hi Steve, thanks for asking! At this time, we don't have anything to share on FedRAMP authorization or the Customer Responsibility Matrix.
  • Trevor_Rusher's avatar
    Trevor_Rusher
    Icon for Community Manager rankCommunity Manager
    Apr 02, 2024
    We are very excited to bring you this session tomorrow! Reminder: If you have questions about the session, post them in advance here in the Comments to give our live AMA panel something to kick off with. Thanks!
    • Fish_Tacos's avatar
      Fish_Tacos
      Brass Contributor
      Apr 03, 2024
      How does AI contribute to real-time security analytics and incident response? I notice that some logs are 10-60 minutes behind from being displayed on the incident and alert tabs. How long does it take for the AI to ingest and analyze the alerts if I am getting them delayed?
    • Fish_Tacos's avatar
      Fish_Tacos
      Brass Contributor
      Apr 03, 2024
      Does the AI for Security utilize the content it receives, such as prompts, answers, and tenant data, for training purposes?
      • klavallee's avatar
        klavallee
        Former Employee
        Apr 04, 2024
        No, the prompts, answers, and tenant data are not used for training of the foundation AI model.
Date and Time
Apr 3, 20247:00 AM - 8:00 AM PDT