Event details
In EPM, there is an option to Analyze with Copilot, which is intended to analyze the elevated binary and provide relevant insights about the file, such as whether the file is safe to approve or if it contains any potentially malicious content. However, this feature is not working as intended. Instead of delivering detailed information about the binary, it consistently returns the same generic output for every elevation request.
For example, here I tried to elevate a very common app. When I check Analyze with Copilot, it initially prompts like:
Get reputation for indicators of compromise 4BD03202B6633F9611B3FC8757880A9B2B38C7C0C40ED6BCBEFEC71C0099D493
But I am getting the output mentioned below.
There was no reputation data available for the queried indicators: 4BD03202B6633F9611B3FC8757880A9B2B38C7C0C40ED6BCBEFEC71C0099D493
- Pearl-Angeles, Oct 09, 2025
Community Manager
Thanks for your feedback! The panelists covered this topic at 9:43 during the AMA.
- Mike-Danoski, Oct 06, 2025
Microsoft
Thanks for the feedback. Not having a reputation is a good thing, but feedback taken. I'll take a look at how we can improve this for when an app doesn't have reputation from Microsoft Defender Threat Intelligence.