Edit

Microsoft Copilot in Intune (public preview)

  • Article

This feature is in public preview.

Microsoft Copilot for Security is a generative-AI security analysis tool. It can help you and your organization get information quickly, and help you make decisions that affect security and risk.

Intune has capabilities that are powered by Copilot. These capabilities access your Intune data, and can help you manage your policies & settings, understand your security posture, and troubleshoot device issues.

There are two ways to access your Intune data using Copilot:

  • Microsoft Copilot in Intune (this article): Copilot is embedded in Intune and is available in the Microsoft Intune admin center. The Copilot prompts and their output are in the context of Intune and your Intune data.

    This experience has an IT admin/IT Pro focus.

  • Microsoft Copilot for Security: This option is standalone Copilot and is available in the Microsoft Copilot for Security portal. You can use this portal to get insights from Copilot for Security for all your enabled services, like Intune, Microsoft Defender, Microsoft Entra ID, Microsoft Purview, and more.

    This experience has a Security Operations Center (SOC) focus, and can be used by IT admins. For more information on Copilot for Security and how to get Intune data, go to Access your Microsoft Intune data in Copilot for Security.

This article focuses on Copilot in Intune and describes the Intune features that you can use with Copilot.

Before you begin

To use Copilot in Intune, you should know the following information:

  • Copilot security compute units (SCUs): Copilot in Intune is included with Copilot for Security. There aren't any other licensing requirements or Intune-specific licenses for using Copilot in Intune.

    For more information on SCUs, go to:

  • Copilot configuration: Before you can use the Copilot features in Intune, Microsoft Copilot for Security must be configured, and you must complete the first run tour in the Microsoft Copilot for Security portal. For the specific setup tasks, go to Get started with Microsoft Copilot.

    You can check the status in the Intune admin center > Tenant administration > Copilot.

    Screenshot that shows Copilot is enabled in the Microsoft Intune tenant and Intune admin center.

  • Copilot roles: Access to Copilot in Intune is managed through Copilot for Security or Microsoft Entra ID. To use Copilot in Intune, you/your admin team must be a member of the appropriate role in Copilot for Security or Microsoft Entra ID. There isn't a built-in Intune role that has access to Copilot.

    For more information on the different roles, and what they can do with Copilot, go to Roles and authentication in Microsoft Copilot for Security.

  • Intune plug-in source: To use Copilot in Intune, you need the Intune plug-in enabled in Copilot for Security. This plug-in allows you to access your Intune data and use Copilot in the Intune admin center.

    Go to the Copilot for Security portal, select Sources (prompt bar > right corner):

    Screenshot that shows the plugin sources that are available, enabled, and disabled in Microsoft Copilot for Security.

    In Manage sources, enable Microsoft Intune:

    Screenshot that shows the Microsoft Intune plug-in source is enabled in the Microsoft Copilot for Security portal.

    Tip

    Some roles can enable or disable plugins. For more information, go to Manage plugins in Microsoft Copilot for Security.

  • Your Intune data: Copilot uses your Intune data. When an Intune admin submits a prompt, Copilot can only access the data that they have permissions to, which includes the RBAC roles and scope tags assigned to them.

Tip

For some common questions asked about Copilot in Intune, go to Microsoft Copilot in Intune FAQ.

Start using Copilot in Intune

To access Copilot in Intune, sign into the Intune admin center. The Home screen lists the ways to get started with Copilot:

Screenshot that shows the Intune admin center homepage with Copilot features in Microsoft Intune.

Currently, there are two areas to use Copilot in Intune:

  • Policy and setting management
  • Device details and troubleshooting

Policy and setting management

Copilot is embedded on policy settings and with your existing policies.

✅ Use Copilot to learn more about individual settings, their impact, and recommended values

When you create an Intune policy, you add settings and configure these settings to meet your organization requirements. When you add a setting, there's a Copilot tooltip:

Screenshot that shows Copilot settings tooltip in a compliance policy in Microsoft Intune and Intune admin center.

When you select the Copilot tooltip, the Copilot prompt window opens and automatically gives more information about that setting:

Screenshot that shows more information about a setting when you select the Copilot tooltip in a compliance policy in Microsoft Intune admin center.

In the Copilot window, there are more prompts that you can use. You can also select the prompt guide and select from an existing list of prompts:

Screenshot that shows the Copilot prompt guide when you add a setting in a compliance policy in Microsoft Intune and Intune admin center.

The Copilot prompts can help you understand the impact of the setting, look for potential conflicts, and provide a recommended value. For an example of how to use Copilot with the settings catalog, go to Use the settings catalog to create device configuration policies.

You can use the Copilot tooltips on the following policy types in Intune:

  • Compliance policies
  • Device configuration policies, including the settings catalog
  • Most endpoint security policies

✅ Use Copilot to summarize an existing policy

On your existing Intune policies, you can use Copilot to summarize the policy. The summary describes what the policy does, the users and groups assigned to the policy, and the settings in the policy. This feature can help you understand the impact of a policy and its settings on your users and devices.

To use this feature in Intune, select an existing policy and then select Summarize with Copilot:

Screenshot that shows how to select the Summarize with Copilot feature in a policy in Microsoft Intune and Intune admin center.

You can use this feature on the following policy types in Intune:

  • Compliance policies
  • Device configuration policies, including the settings catalog
  • Most endpoint security policies

Device details and troubleshooting

✅ Use Copilot to get device details and troubleshoot a device

You can use Copilot to get device-specific information, like the installed apps, group membership, and more.

To use this feature in Intune, select a device, and then select Explore with Copilot:

Screenshot that shows selecting any device and then select Explore with Copilot in Microsoft Intune and Intune admin center.

When the Copilot window opens, select a prompt, and enter any required or optional input, if needed. You can also open the prompt guide for some follow-up questions:

Screenshot that shows the Copilot prompt guide after you select any device in Microsoft Intune and Intune admin center.

For more information on using Copilot with your devices, go to Use Microsoft Copilot in Intune to troubleshoot devices.

Related content