In today's fast-paced AI-driven world, data security and compliance admins face the daunting task of keeping up with the overwhelming volume and complexity of alerts. To effectively prioritize and address critical alerts, organizations need the power of AI to provide concise alert summaries, integrated insights, and natural language support within their trusted investigation workflows.
To help address these challenges, we announced two experiences back in November. First was the standalone experience to help SOC teams gain visibility across security data – bringing signals together from Defender, Sentinel, Intune, Entra and Purview into a single pane of glass. Today, we are excited to announce that the Purview capabilities will be generally available as of April 1st, to help SOC teams identify risky user activities and sensitive data that could be at risk when investigating a security incident.
Second is the embedded experience, which is integrated directly into your data security and compliance workflows, allowing you to leverage Copilot directly within your environment. we are excited to announce these capabilities will be available in public preview on April 1st:
Summarize alerts in Microsoft Purview Data Loss Prevention
Investigations can be overwhelming for data security admins due to the large number of sources to analyze and varying policy rules. To help alleviate these challenges, Copilot is now natively embedded in Data Loss Prevention to provide a quick summary of alerts, including the source, attributed policy rules, and user risk insights from Microsoft Purview Insider Risk Management. This summary helps admins understand what sensitive data was leaked and associated user risk, providing a better starting point for further investigation. Learn more in our Microsoft Purview Data Loss Prevention announcement.
Summarize alerts in Microsoft Purview Insider Risk Management
Insider Risk Management provides comprehensive insights into risky user activities that may lead to potential data security incidents. To accelerate investigations, Copilot in Insider Risk Management summarizes alerts to provide context into user intent and timing of risky activities. These summaries enable admins to tailor investigations with specific dates in mind and quickly pinpoint sensitive files at risk. Learn more in our Microsoft Purview Insider Risk Management announcement. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Contextual summary of communications in Microsoft Purview Communication Compliance
Organizations are subject to regulatory obligations related to business communications, requiring compliance investigators to review lengthy communication violations. Copilot in Communication Compliance helps summarize alerts and highlights high-risk communications that may lead to a data security incident or business conduct violation. Contextual summaries help you evaluate the content against regulations or corporate policies, such as gifts and entertainment and stock manipulation violations. Learn more in our Microsoft Purview Communication Compliance announcement. Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (e.g. SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.
Contextual summary of documents in review sets in Microsoft Purview eDiscovery
Legal investigations can take hours, days, even weeks to sift through the list of evidence collected in review sets. This often requires costly resources like outside council to manually go through each document to determine the relevancy to the case. To help customers address this challenge, we are excited to introduce Copilot in eDiscovery. This powerful tool generates quick summaries of documents in a review set, helping you save time and conduct investigations more efficiently. Learn more in our Microsoft Purview eDiscovery announcement.
Get started
- These capabilities will start rolling out to customer’s tenants in the coming weeks.
- To learn more about Microsoft Copilot for Security, visit aka.ms/CopilotForSecurity or contact your Microsoft sales representative.
- Stay up to date on our Microsoft Purview features through the Microsoft 365 Roadmap for Microsoft Purview.
- Learn more about these solutions in the Microsoft Purview compliance portal. Visit your Microsoft Purview compliance portal to activate your free trial and begin using our new features. An active Microsoft 365 E3 subscription is required as a prerequisite to activate the free trial.
- Download Microsoft Data Security Index report to learn more about the trends and best practices for an effective data security program.
Thanks,
Talhah Mir, Principal Product Manager, Microsoft Purview
Liz Willets, Sr. Product Marketing Manager, Microsoft Purview
