Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Security Copilot comes with many preinstalled plugins available for Microsoft security services and other commonly used services and websites that you can use. You also have the option of extending default capabilities by adding your own custom plugins.
Bemærk
Microsoft processes and stores data from these plugins according to our Privacy and Data policies.
Watch the following video to learn more about plugins:
Manage plugins
To personalize the way Security Copilot interacts with you, there are two ways to configure the plugins on your list:
Copilot uses on-behalf-of authentication to access security-related data through active Microsoft plugins. If a plugin requires its own authentication setup though, the plugin determines the authentication instead of on-behalf-of. For more information, see Understand authentication.
Plugin sources are separated into these plugin categories:
Microsoft
Non-Microsoft
Websites
Custom
Select which plugins Security Copilot uses as a data source by turning service toggles on or off.
Select the Security Copilot sources icon.
Select the plugin you'd like to use by turning the toggle on or off. Custom plugins you don't have access to won't appear. Preinstalled plugins you don't have access to will indicate they are Restricted.
Personalize plugin settings
Personalize Security Copilot plugin experiences by configuring the plugin setting. For example, a user who wants the Microsoft Sentinel plugin to use a particular workspace that they designate as the default, personalizes the settings to specify the workspace.
Currently personalization settings are available for the following Microsoft plugins:
Microsoft Sentinel
Microsoft Defender External Attack Surface Management
Select the Security Copilot sources icon.
Select the gear icon.
Provide setting details, then select Save.
Manage custom plugins
Owners must set the permissions for adding custom plugins before they can be accessed. By default, only owners can add and manage their own custom plugins. In addition, owners are able to specify who has the ability to add and manage custom plugins for everyone in their organization.
Plugins added by owners can be set to be available only to them or to anyone in the organization.
Plugins added by owners and set to be available to anyone in the organization can be accessed, turned on or off, and used by all Security Copilot users. However, only owners can make modifications to the plugin.
For instructions on creating your own plugins, read Custom plugins.
Options for managing plugins
To manage plugins as an owner:
Select the home menu icon.
In Preferences, navigate to the Plugin settings section.
Choose who can add and manage their own custom plugins. Select Owners only or Contributors and Owners.
Owners only:
When an owner sets this configuration value, only owners can add and manage custom plugins for themselves (user scope).
Owners and Contributors:
When an owner sets this configuration value, owners and contributors can add and manage custom plugins for themselves (user scope). This option will enable the second permission, "Who can add and manage custom plugins for everyone in the organization?".
Choose who can add and manage custom plugins for everyone in the organization.
Owners only:
When an owner sets this configuration value, only owners can add and manage custom plugins for the organization (tenant scope).
Owners and Contributors:
When an owner sets this configuration value, owners and contributors can add and manage custom plugins for the organization (tenant scope).
Choose to manage preinstalled plugin availability and restrict access.
This is an immediate change impacting all users of Security Copilot. Please exercise caution and notify users prior to impact. For more information, see Manage preinstalled plugins.
Add custom plugins
Adding custom plugins extends the capabilities of Security Copilot.
Vigtigt
You must take precaution and ensure that plugins you create or make available in your organization adhere to responsible AI practices. For more information, see Microsoft AI principles.
You must also ensure that custom plugins you make available to your organization are fully vetted. It is good practice to vet custom plugins at a user level first, before making plugins available to the entire organization.
Bemærk
This option is only available if an Owner has configured Security Copilot to allow Owners and Contributors to add and manage custom plugins for everyone in the organization.
Select the Security Copilot sources icon.
In Manage plugins, scroll down to the Custom section.
Select, Add plugin.
From the drop-down options, specify if you want to make the plugin available to just yourself or anyone in the organization. Then choose between adding a Security Copilot plugin or an OpenAI plugin.
Bemærk
If you choose to make a plugin available to just yourself, a private tag is added to the plugin. If you choose the option of making it available to anyone in the organization, then the plugin will be available to all Security Copilot users.
Depending on the plugin you'd like to add, follow the corresponding steps:
Extend declarative agents for Microsoft 365 Copilot with API plugins is a multi-part series that teaches you basic concepts of extending declarative agents with actions using API plugins. You learn what API plugins are, how they work, and when you should consider building them. You also learn how to use Adaptive Cards to show data in a rich way and how to connect to secured APIs.
Microsoft Security Copilot is an AI-powered, natural language, security analysis solution designed to help security professionals defend against sophisticated attacks at machine speed and scale.