After early access in October 2023, Microsoft officially launched its Copilot for Security generative AI service in April. Today, the company announced it is adding a number of plugins for Copilot for Security users from a range of third-party vendors.
In a blog post, Microsoft stated:
These plugins enable you to extend the capabilities of leading security vendors across the industry, from threat intelligence to incident response, data protection, and more. These plugins were co-developed by Microsoft and third-party independent software vendors (ISVs) to meet you where you are, no matter what security tools you use.
Some of the new plugins add all-new features to Copilot for Security:
- CIRCL.lu - Query various file hashes against the Computer Incident Response Center Luxembourg (CIRCL)'s known database of files. This can help you identify malicious or suspicious files and take appropriate actions.
- Crowdsec - Enhance your network security with CrowdSec Threat Intelligence: Gain detailed insights into IP reputations, advanced classifications, historical activity and behavior patterns of potential threats to stay one step ahead of cyber attackers.
- CyberArk - Get insights on privileged accounts and provide a quick remediation framework for customers using Cyberark Privilege Cloud (PAM SaaS)
- Darktrace - Leverage threat detection and remediation insights from Darktrace’s ActiveAI Security platform.
- Jamf - Gain easy access to inventory & security insights from your Jamf Pro-managed devices
- GreyNoise Community & Enterprise - Query GreyNoise Community & Enterprise APIs to allow for IP lookups, context, and other critical details in the GreyNoise noise datasets. This can help you filter out benign or irrelevant IP addresses and focus on the ones that pose a real threat.
- RedCanary - Leverage Red Canary’s managed detection and response (MDR) platform to protect endpoints, network, cloud workloads, identities, and SaaS applications from emerging threats.
- ReversingLabs - Using the Spectra Intelligence platform from ReversingLabs, get insight into file reputation and analysis reports for quicker triage & response times.
- Shodan - Enable users to get enhanced visibility into your organization's internet-facing assets using Shodan
- URLScan - Scan and analyze a URL using urlscan.io. This can help you detect phishing sites, brand impersonation, or other malicious websites and prevent them from compromising your users or system
Other Copilot for Security plugins have revealed some new capabilities as well:
- Cyware Respond - Streamline incident and threat response using Cyware Respond’s robust threat response automation platform
- Netskope - Gather intelligence on events and alerts across your Netskope infrastructure. This can help you monitor and protect your cloud applications and data from threats and risks.
- SGNL - Maintain a posture of zero standing privilege with cross-ecosystem visibility and insights. Gain insights into fine-grained access decision and trends across your SGNL assets.
- Tanium - Enable analysts of all skill levels tools to make informed decisions and confidently take decisive actions using Tanium’s real-time endpoint data.
- Valence Security - Find and fix SaaS risks with SaaS security posture management and threat detection. Protect business-critical data with insights into SaaS permissions, activities, SaaS-to-SaaS integrations, and misconfiguration risks.
Copilot for Security customers can access all the third-party plugins on this list by going to the "Sources" section and then installing them. Microsoft plans to add more new plugins to the service over the coming months.
0 Comments - Add comment