Microsoft Security Copilot service description
Microsoft Security Copilot is a generative AI security product that helps defend organizations at machine speed and scale. Security Copilot delivers natural language insights and guidance to increase the efficiency and capabilities of security operations teams. Security Copilot leverages an advanced large model with a security-specific model that is informed by Microsoft’s unique global threat intelligence and more than 65 trillion daily signals.
During the Early Access Program, participating customers will receive a Microsoft Security Copilot program pass that grants access to the Security Copilot experience through an immersive prompting environment and embedded in the Microsoft Defender XDR interface.
Feature availability across plans
During the Early Access Program, Microsoft Security Copilot requires a Microsoft Defender for Endpoint P1 licensing.
Features available during Early Access Program
|Prompt interface||Open chat functionality to make requests in natural language, response outputs as text, images, or documents.|
|Incident summary & response||Summarize a security incident, enrich incident with threat intelligence, assess an incident’s impact, and provide guidance on remediation. Available in the embedded Microsoft Defender for Endpoint experience.|
|Security posture management||Summarize information on events that might expose an organization to a known threat.|
|Security reporting||Prepare event, incident, or threat summaries in ready-to-share reports.|
|Script analyzer||Explains Powershell script in natural language. Available in the embedded Microsoft Defender XDR experience.|
|Pinboard||Organize and summarize chat sessions.|
|Guided prompts||Prompt suggestions to active common security use cases, accessed by entering “/” in the prompt bar.|
|Promptbooks||Collection of prompts assembled to achieve specific investigation outcomes.|
|Prompt audit trail||Review prompt interactions in an immutable record.|
|Plugins||Integrations with Microsoft Security products and other services to enable access to security incidents, threat intelligence, and organizational context.
Plugins include Microsoft Defender XDR, Microsoft Sentinel, Microsoft Defender Threat Intelligence, Service Now, and more.
To stay informed of upcoming changes, including new and changed features, planned maintenance, or other important announcements, visit the Message Center. For more information, see Message center.
For licensing terms and conditions for products and services purchased through Microsoft Commercial Volume Licensing Programs, see the Product Terms site.