Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against prolific, relentless and sophisticated attackers. To protect their organizations, defenders must respond to threats that are often hidden among noise. Compounding this challenge is a global shortage of skilled security professionals, leading to an estimated 3.4 million openings in the field.
The volume and velocity of attacks requires us to continually create new technologies that can tip the scales in favor of defenders. Security professionals are scarce, and we must empower them to disrupt attackers’ traditional advantages and drive innovation for their organizations.
In the last few months, the world has witnessed a wave of innovation as organizations apply advanced AI to new technologies and use cases.
At the inaugural Microsoft Secure event, Microsoft announced Microsoft Security Copilot bringing us to a new era of security — shaped by the power of OpenAI’s GPT-4 generative AI. Microsoft Security Copilot is the first security product to enable defenders to move at the speed and scale of AI. Security Copilot combines OpenAI large language model with a security-specific model from Microsoft.
Security Copilot — end-to-end defense at machine speed and scale
When Security Copilot receives a prompt from a security professional, it uses the full power of the security-specific model to deploy skills and queries that maximize the value of the latest large language model capabilities. And this is unique to a security use-case. Our cyber-trained model adds a learning system to create and tune new skills. Security Copilot then can help catch what other approaches might miss and augment an analyst’s work. In a typical incident, this boost translates into gains in the quality of detection, speed of response and ability to strengthen security posture.
Security Copilot doesn’t always get everything right. AI-generated content can contain mistakes. But Security Copilot is a closed-loop learning system, which means it’s continually learning from users and giving them the opportunity to give explicit feedback with the feedback feature that is built directly into the tool. As we continue to learn from these interactions, we are adjusting its responses to create more coherent, relevant and useful answers.
Security Copilot also integrates with the end-to-end Microsoft Security products, and over time it will expand to a growing ecosystem of third-party products. So, in short, Security Copilot is not only a large language model, but rather a system that learns, to enable organizations to truly defend at machine speed.