Microsoft Corp. is enhancing its Security Copilot service with a set of artificial intelligence agents that will automate repetitive tasks for users.

The company detailed the agents today alongside upgrades to other parts of its cybersecurity portfolio.

Launched last April, Security Copilot is a specialized version of Microsoft’s Copilot AI assistant. It enables cybersecurity professionals to surface data about breaches using natural language prompts. Security Copilot also automates several related tasks, such as the process of setting up access controls for employee devices.

Microsoft is extending Security Copilot’s capabilities with six internally developed AI agents. They will roll out alongside five partner-built agents from Aviatrix Systems Inc., OneTrust LLC, Tanium Inc., Fletch and BlueVoyant LLC.

Three of the new Microsoft-developed tools focus on helping cybersecurity professionals sift through alerts. One, the Phishing Triage Agent, can review phishing alerts from a company’s cybersecurity systems and filter false positives. It’s joined by two agents designed to analyze notifications from Purview. This is a Microsoft application that detects when employees use business data in unauthorized manner.

The fourth new addition to Security Copilot is the Conditional Access Optimization Agent. It’s designed to work with Microsoft Entra, a tool that administrators use to regulate which employee can access what application. The new agent points out insecure user access rules and generates a fix that administrators can implement with one click.

A fifth agent, Vulnerability Remediation Agent, integrates with Microsoft’s Intune tool for managing Windows devices. The company says administrators can now more quickly find vulnerable endpoints and apply operating system patches.

Rounding out the agent lineup is the Threat Intelligence Briefing Agent. According to Microsoft, it enables Security Copilot to generate a report about cybersecurity threats that could pose a risk to an organization’s systems. The tech giant’s threat intelligence unit collects 84 trillion data points per day about online risks such as ransomware campaigns.

The partner-developed agents that will roll out for Security Copilot address a number of use cases that aren’t covered out of the box. Aviatrix’s agent, for instance, promises to help customers troubleshoot network issues. OneTrust’s tool makes it easier to comply with privacy regulations.

“With security teams fully in control, agents accelerate responses, prioritize risks, and drive efficiency to enable proactive protection and strengthen an organization’s security posture,” Vasu Jakkal, corporate vice president of Microsoft Security, wrote in a blog post today.

The company is rolling out the agents alongside other enhancements to its cybersecurity portfolio. Edge for Business, an enterprise-focused version of Microsoft’s browser, can now block workers from entering sensitive data into chatbots. The company will provide similar controls for desktop-based chatbot clients through integrations between Purview and third-party SASE, or secure access service edge, products.

Defender for Cloud is another focus of the update. It’s a cybersecurity tool designed to help companies protect their cloud applications from hackers. According to Microsoft, Defender for Cloud is receiving new features that will enable it to more effectively spot vulnerabilities in cloud-based AI workloads. 

Image: Microsoft