Analyze recommendations with Copilot for Security

Microsoft Defender for Cloud's integration with Microsoft Copilot for Security allows you to analyze all of the recommendations presented on the recommendations page. By narrowing the scope of the recommendations page, you can focus on specific recommendations and get a better understanding of your security posture.

Once the list of recommendations is filtered, you can investigate specific recommendations and gain a better understanding of the risks and vulnerabilities that are present in your environment.

Prerequisites

• Enable Defender for Cloud on your environment.

• Have access to Azure Copilot.

• Have Security Compute Units assigned for Copilot for Security.

Analyze a recommendation

Copilot for Security gives you the ability to analyze your recommendations. Through the use of prompts, you can filter and refine the presented recommendations to focus on specific areas of interest.

1. Sign in to the Azure portal.

2. Search for and select Microsoft Defender for Cloud.

3. Navigate to Recommendations.

4. Select Analyze with Copilot.

   

5. Select one of the suggested prompts or enter a prompt in natural language.

   Some sample prompts include:

   • Show risks for publicly exposed resources
   • Show risks for resources with sensitive data
   • Show risks for critical resources
   • Show risk to data

6. Review the provided answer.

7. (Optional) You can select a suggested prompt or enter a unique prompt to further refine the results.

8. Select Apply filter to view the updated recommendations.

   

The recommendations page updates with the appropriate filters applied based on the prompt you provided. Copilot remains open and you can enter other prompts as needed.

Next step

Summarize recommendations with Copilot for Security