Microsoft Copilot in Microsoft Entra
Applies to:
- Microsoft Entra
Microsoft Copilot for Security is a platform that brings together the power of AI and human expertise to help administrators and security teams respond to attacks faster and more effectively. Copilot for Security is embedded in Microsoft Entra so you can investigate and resolve identity risks, assess identities and access with AI-driven intelligence, and complete complex tasks quickly. Microsoft Copilot in Microsoft Entra gets insights from your Microsoft Entra users, groups, sign-in logs, audit logs, and more.
You can explore sign-ins and risky users and get contextualized insights on how to resolve incidents and what to do to protect the accounts in natural language. Built on top of real-time machine learning, Copilot in Microsoft Entra can help you find gaps in access policies, generate identity workflows, and troubleshoot faster. You can also unlock new skills that allow admins at all levels to complete complex tasks such as incident investigation, sign-in log analysis, and more, to gain savings in time and resources.
This article introduces you to Copilot in Microsoft Entra.
Key features
Microsoft Entra brings the capabilities of Copilot for Security to the Microsoft Entra admin center, enabling administrators and security teams to respond to identity threats quickly. Bringing AI to Microsoft Entra allows teams to understand risks immediately and determine remediation steps in a timely manner.
Summarize a user's risk level
Microsoft Entra ID Protection applies the capabilities of Copilot for Security to summarize a user's risk level, provide insights relevant to the incident at hand, and provide recommendations for rapid mitigation. Identity risk investigation is a crucial step to defend an organization. Copilot for Microsoft Entra helps reduce the time to resolution by providing IT admins and security operations center (SOC) analysts the right context to investigate and remediate identity risk and identity-based incidents. Risky user summarization provides admins and responders quick access to the most critical information in context to aid their investigation.
Providing feedback
Copilot in Microsoft Entra uses AI and machine learning to process data and generate responses for each of the key features. However, AI might misinterpret some data, which sometimes cause a mismatch in responses. Providing your feedback about the generated responses enable both Copilot in Microsoft Entra and Microsoft Entra to continuously improve delivery of more accurate responses in the future.
All key features have an option for providing feedback. To provide feedback, perform the following steps:
- Select the thumb up icon located at the bottom of any response card in the Copilot in Microsoft Entra pane.
- Answer the question What did you like?
- Select Yes, share samples or No, don't share samples.
- Select Submit.
Or
- Select the thumb up icon located at the bottom of any response card in the Copilot in Microsoft Entra pane.
- Select Inaccurate if any detail is incorrect or incomplete based on your assessment. Select Offensive or inappropriate if it contains potentially harmful, questionable, or ambiguous information. Select Other for some other reason.
- Whenever possible, write a few words explaining what can be done to improve the outcome in the What went wrong? text box.
- Select Yes, share samples or No, don't share samples.
- Select Submit.
Microsoft Entra plugin in Copilot for Security
Microsoft Entra is one of the Microsoft plugins that enable the Copilot for Security platform to generate accurate and relevant information. Through the Microsoft Entra plugin, the Copilot for Security portal can provide more context to incidents and generate more accurate results. The key features mentioned in this article are capabilities that are also available in the Copilot for Security portal.
You can learn more about plugins implemented in the Copilot for Security portal in Manage plugins in Copilot for Security. Additionally, you can learn more about the embedded experiences in other Microsoft security products in Copilot for Security experiences.
Next steps
- Learn more about risky user summarization.
- Investigate security incidents using the Microsoft Entra skills in Microsoft Copilot for Security.
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for