Microsoft unveils Microsoft Safety Copilot brokers and new protections for AI

On this age of AI, securing AI and utilizing it to spice up safety are essential for each group. At Microsoft, we’re devoted to serving to organizations safe their future with our AI-first, end-to-end safety platform.

One yr in the past, we launched Microsoft Safety Copilot to empower defenders to detect, examine, and reply to safety incidents swiftly and precisely. Now, we’re excited to announce the subsequent evolution of Safety Copilot with AI brokers designed to autonomously help with crucial areas akin to phishing, knowledge safety, and identification administration. The relentless tempo and complexity of cyberattacks have surpassed human capability and establishing AI brokers is a necessity for contemporary safety.

For instance, phishing assaults stay one of the vital frequent and damaging cyberthreats. Between January and December 2024, Microsoft detected greater than 30 billion phishing emails concentrating on clients.¹ The amount of those cyberattacks overwhelms safety groups counting on guide processes and fragmented defenses, making it troublesome to each triage malicious messages promptly and leverage data-driven insights for broader cyber threat administration.

The phishing triage agent in Microsoft Safety Copilot being unveiled at the moment can deal with routine phishing alerts and cyberattacks, releasing up human defenders to concentrate on extra advanced cyberthreats and proactive safety measures. This is only one manner brokers can rework safety.

Moreover, securing and governing AI continues to be the highest precedence for organizations, and we’re excited to advance our purpose-built options with new improvements throughout Microsoft Defender, Microsoft Entra, and Microsoft Purview. 

Learn on to find out about different brokers we’re introducing to Safety Copilot and essential developments in securing AI. 

Increasing Microsoft Safety Copilot with AI agentic capabilities

Microsoft Menace Intelligence now processes 84 trillion alerts per day, revealing the exponential development in cyberattacks, together with 7,000 password assaults per second.¹ Scaling cyber defenses by means of AI brokers is now an crucial to maintain tempo with this risk panorama. We’re increasing Safety Copilot with six safety brokers constructed by Microsoft and 5 safety brokers constructed by our companions—out there for preview in April 2025.

Six new agentic options from Microsoft Safety

Constructing on the transformative capabilities of Safety Copilot, the six Microsoft Safety Copilot brokers allow groups to autonomously deal with high-volume safety and IT duties whereas seamlessly integrating with Microsoft Safety options. Objective-built for safety, brokers study from suggestions, adapt to workflows, and function securely—aligned to Microsoft’s Zero Belief framework. With safety groups absolutely in management, brokers speed up responses, prioritize dangers, and drive effectivity to allow proactive safety and strengthen a corporation’s safety posture.

Safety Copilot brokers will likely be out there throughout the Microsoft end-to-end safety platform, designed for the next:

• Phishing Triage Agent in Microsoft Defender triages phishing alerts with accuracy to establish actual cyberthreats and false alarms. It supplies easy-to-understand explanations for its choices and improves detection primarily based on admin suggestions.

• Alert Triage Brokers in Microsoft Purview triage knowledge loss prevention and insider threat alerts, prioritize crucial incidents, and repeatedly enhance accuracy primarily based on admin suggestions.

• Conditional Entry Optimization Agent in Microsoft Entra displays for brand spanking new customers or apps not coated by present insurance policies, identifies vital updates to shut safety gaps, and recommends fast fixes for identification groups to use with a single click on.

• Vulnerability Remediation Agent in Microsoft Intune displays and prioritizes vulnerabilities and remediation duties to handle app and coverage configuration points and expedites Home windows OS patches with admin approval.

• Menace Intelligence Briefing Agent in Safety Copilot mechanically curates related and well timed risk intelligence primarily based on a corporation’s distinctive attributes and cyberthreat publicity.

Safety Copilot’s agentic capabilities are an instance of how we proceed to ship innovation leveraging our many years of AI analysis. See how brokers work.

“That is only the start; our safety AI analysis is pushing the boundaries of innovation, and we’re wanting to repeatedly deliver even higher worth to our clients on the pace of AI.”  

—Alexander Stojanovic, Vice President of Microsoft Safety AI Utilized Analysis

5 new agentic options from Microsoft Safety companions

Safety is a crew sport and Microsoft is dedicated to empowering our safety ecosystem with an open platform upon which companions can construct to ship worth to clients. On this spirit, the next 5 AI brokers from our companions will likely be out there in Safety Copilot:

• Privateness Breach Response Agent by OneTrust analyzes knowledge breaches to generate steering for the privateness crew on easy methods to meet regulatory necessities.
• Community Supervisor Agent by Aviatrix performs root trigger evaluation and summarizes points associated to VPN, gateway, or Site2Cloud connection outages and failures.
• SecOps Tooling Agent by BlueVoyant assesses a safety operations heart (SOC) and state of controls to make suggestions that assist optimize safety operations and enhance controls, efficacy, and compliance.
• Alert Triage Agent by Tanium supplies analysts with the mandatory context to rapidly and confidently make choices on every alert.
• Process Optimizer Agent by Fletch helps organizations forecast and prioritize probably the most crucial cyberthreat alerts to cut back alert fatigue and enhance safety.

“An agentic strategy to privateness will likely be game-changing for the {industry}. Autonomous AI brokers will assist our clients scale, increase, and improve the effectiveness of their privateness operations. Constructed utilizing Microsoft Safety Copilot, the OneTrust Privateness Breach Response Agent demonstrates how privateness groups can analyze and meet more and more advanced regulatory necessities in a fraction of the time required traditionally.”

—Blake Brannon, Chief Product and Technique Officer, OneTrust

Study extra about Safety Copilot brokers and get began with Safety Copilot. Present Safety Copilot clients can be a part of our Buyer Connection Program for the newest updates.

New AI-powered knowledge safety investigations and evaluation   

We’re additionally saying Microsoft Purview knowledge safety investigations to assist knowledge safety groups rapidly perceive and mitigate dangers related to delicate knowledge publicity. Knowledge safety investigations introduce AI-powered deep content material evaluation, which identifies delicate knowledge and different dangers linked to incidents. Incident investigators can use these insights to collaborate securely with accomplice groups and simplify advanced and time-consuming duties, thus enhancing mitigation. This resolution hyperlinks knowledge safety investigations to Defender incidents and Purview insider threat circumstances—out there for preview beginning April 2025.  

Additional advances in securing and governing generative AI

Profitable AI transformation requires a powerful cybersecurity basis. As organizations quickly undertake generative AI, there’s rising urgency to safe and govern the creation, adoption, and use of AI within the office. In keeping with our new report, “Safe worker entry within the age of AI,” 57% of organizations report a rise in safety incidents from AI utilization. And whereas most organizations acknowledge the necessity for AI controls, 60% haven’t but began.

Securing AI remains to be a comparatively new problem, and leaders share some particular issues: easy methods to forestall knowledge oversharing and leakage; easy methods to reduce new AI threats and vulnerabilities; and easy methods to adjust to shifting regulatory compliance necessities. Microsoft Safety options are purpose-built for AI to assist each group handle these issues. We’re saying new superior capabilities in order that organizations can safe their AI investments—each Microsoft AI and different AI.

AI safety posture administration for multimodel and multicloud environments

Organizations growing their very own {custom} AI options might want to strengthen the safety posture for AI that they supply from a number of fashions, operating in a number of AI platforms and clouds. To handle this want, Microsoft Defender has prolonged AI safety posture administration past Microsoft Azure and Amazon Net Companies to incorporate Google VertexAI and all fashions within the Azure AI Foundry mannequin catalog. Out there for preview in Might 2025, this protection contains Gemini, Gemma, Meta Llama, Mistral, and {custom} fashions. With new multicloud interoperability, organizations will achieve broader code-to-runtime AI safety posture visibility throughout Microsoft Azure, Amazon Net Companies, and Google Cloud. Microsoft Defender can provide organizations a jumpstart to securing AI posture throughout multimodel and multicloud environments.

New detection and safety for rising AI threats

With AI comes new dangers, together with new cyberattack surfaces and unknown vulnerabilities. The Open Worldwide Utility Safety Challenge (OWASP) identifies the very best precedence dangers and mitigations for generative AI apps. Beginning in Might 2025, new and enriched AI detections for a number of dangers recognized by OWASP akin to oblique immediate injection assaults, delicate knowledge publicity, and pockets abuse will likely be typically out there in Microsoft Defender. With these new detections, SOC analysts can higher shield and defend custom-built AI apps with new safeguards for Azure OpenAI Service and fashions discovered within the Azure AI Foundry catalog.

New controls to forestall dangerous entry and knowledge leaks into shadow AI apps

With the fast person adoption of generative AI, many organizations are uncovering widespread use of AI apps that haven’t but been authorized by IT or safety groups. This unsanctioned, unprotected use of AI has created a “shadow AI” phenomenon, which has drastically elevated the chance of delicate knowledge leakage. We’re saying basic availability of AI internet class filter in Microsoft Entra web entry to assist implement granular entry controls that may curb the chance of shadow AI by implementing insurance policies governing which customers and teams have entry to several types of AI purposes.

With coverage enforcement in place to manipulate approved entry to AI apps, the subsequent layer of protection is to forestall customers from leaking delicate knowledge into AI apps. To handle this, we’re saying the preview of Microsoft Purview browser knowledge loss prevention (DLP) controls constructed into Microsoft Edge for Enterprise. This helps safety groups implement DLP insurance policies to forestall delicate knowledge from being typed into generative AI apps, beginning with ChatGPT, Copilot Chat, DeepSeek, and Google Gemini.

Study extra about our new improvements in Safety for AI.

New phishing safety in Microsoft Groups for safer collaboration

Whereas e-mail continues to be the first cyberthreat vector for phishing, collaboration software program has develop into a standard goal. Usually out there in April 2025, Microsoft Defender for Workplace 365 will shield customers towards phishing and different superior cyberthreats inside Groups. With inline safety, Groups can have higher safety towards malicious URLs, together with real-time detonation of attachments and hyperlinks. And to provide SOC groups full visibility into associated makes an attempt and incidents, alerts and knowledge will likely be out there in Microsoft Defender. 

Agile innovation to construct a safer world

We proceed to innovate throughout the Microsoft Safety portfolio, making use of the ideas of our Safe Future Initiative, to ship highly effective, end-to-end safety to provide defenders industry-leading AI, and to empower each group with the instruments to safe and govern AI. We’re grateful for our clients and companions and collectively, with them, we look ahead to constructing a safer world for all.

Study with Microsoft Safety

To study extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our professional protection on safety issues. Additionally, observe us on LinkedIn (Microsoft Safety) and X (@MSFTSecurity) for the newest information and updates on cybersecurity.

---

¹Based mostly on Microsoft inside knowledge.