Microsoft has expanded its Copilot AI assistant into the cybersecurity domain with Copilot for Security, a tool that automates incident investigation, threat hunting, and response actions within the Microsoft Defender ecosystem. The platform uses GPT-4-based models trained on Microsoft's threat intelligence data spanning 65 trillion daily signals.
Key capabilities include natural language querying of security logs, automated generation of incident reports, and one-click remediation actions for common attack patterns. Security analysts can ask questions like "show me all lateral movement detected this week" and receive structured, actionable intelligence within seconds.
Early access customers report that Copilot for Security reduces mean time to investigate alerts by approximately 60 percent. The tool is priced at $4 per security compute unit per hour and is available to organizations with Microsoft Defender XDR or Sentinel licenses. Microsoft says the platform will expand to support third-party security tools later this year.
