Recently, Microsoft announced the rollout of 11 new AI agents for its Security Copilot, which are designed to relieve cybersecurity teams of tedious work.
As AI agents become more prevalent in the channel, Microsoft’s agents were created to meet the demand to secure and govern AI.
Security Copilot agents expand to give teams more resources
The Security Copilot agents are available across the Microsoft end-to-end security platform and are designed for the following:
- The Phishing Triage Agent in Microsoft Defender triages phishing alerts accurately to identify real cyber threats and false alarms. It provides easy-to-understand explanations for its decisions and improves detection based on admin feedback.
- Alert Triage Agents in Microsoft Purview to triage data loss prevention and insider risk alerts, prioritize critical incidents, and improve accuracy based on admin feedback.
- The Conditional Access Optimization Agent in Microsoft Entra monitors for new users or apps not covered by existing policies, identifies necessary updates to close security gaps, and recommends quick fixes for identity teams to apply with a single click.
- The Vulnerability Remediation Agent in Microsoft Intune monitors and prioritizes vulnerabilities and remediation tasks to address app and policy configuration issues and expedites Windows OS patches with admin approval.
- Threat Intelligence Briefing Agent in Security Copilot to automatically curate relevant and timely threat intelligence based on an organization’s unique attributes and cyberthreat exposure.
The 11 new agents include six new Security Copilot agents, which enable teams to autonomously handle high-volume security and IT tasks while seamlessly integrating with Microsoft Security solutions.
These Security Copilot agents will be purpose-built for security, learn from feedback, adapt to workflows, and operate securely while aligned to Microsoft’s Zero Trust framework.
“This is just the beginning; our security AI research is pushing the boundaries of innovation, and we are eager to continuously bring even greater value to our customers at the speed of AI,” said Alexander Stojanovic, VP of Microsoft Security AI Applied Research.
Tech partnerships flesh out additional capabilities
Further, as part of the 11 new agents, Microsoft is helping usher in five solutions from Microsoft Security partners. These agents will be available in Security Copilot and include:
- Privacy Breach Response Agent by OneTrust
- Network Supervisor Agent by Aviatrix
- SecOps Tools Agent by BlueVoyant
- Alert Triage Agent by Tanium
- Task Optimizer Agent by Fletch
AI Squared VP shares challenges and opportunities of emerging technology
With AI becoming a major factor in the IT workforce, Channel Insider sat down to speak with Dr. Napoleon Paxton, VP of federal technology at AI Squared. AI Squared is an enterprise that helps companies integrate AI into their applications with a platform that allows users to accelerate predictive and generative AI projects.
Dr. Paxton spoke about the challenges involved with AI adoption, highlighting the rapid adoption of AI and emphasizing the need for data governance to prevent data poisoning.
“You have the data governance challenge of protecting data to make sure whatever training is happening is legitimate training that your customers or you intend that training to be,” said Dr. Paxton. “You don’t want those data sources to be poisoned by a nefarious user because it’s a very valuable target to them.”
Microsoft wants to keep humans in the loop when it comes to AI, but what is the best balance between AI automation and human decision-making? Determining the optimal balance is a matter of measuring the criticality of decisions that will be made.
“If I was to give it a percentage, I would say 30 percent agentic and 70 percent human– I know more people want to flip it to 70 percent agentic and 30 percent human, but I think the right approach is to start off small,” said Dr. Paxton. “As you become more confident in that system, then you add in the agentic approach, and that means that you need to be very agile with your delivery. In Microsoft’s case, that means that they’re going to have to constantly change their code bases and their models for Microsoft solutions.”
These agentic AI solutions, as they continue to evolve, are meant to take repetitive, low-level tasks off the plates of security teams.
Dr. Paxton says they could potentially replace lower-tier SOC analysts, freeing up higher-level engineers for more complex tasks. Changes to the professional landscape could potentially already happen within the next year.
“I think people are adopting these solutions at a meteoric rate. A lot of the underpinning algorithms have been working for many, many years– it’s just that we’re making them available to the masses now and people are trusting these things,” said Dr. Paxton. “I do still think there’s a last-mile gap issue, which is really where AI Squared fits in.”
AI Squared helps large organizations bring AI to where work happens by leveraging their SaaS or on-premises platform that combines data sources with advanced AI/ML functionality and embeds intelligent insights.
AI agents are becoming increasingly adopted by organizations across the channel, and interoperability will be a significant component of these adoptions. Read more about a recent solution from Accenture that allows secure and seamless agent-to-agent interoperability across partners.