Microsoft is adding numerous plugins developed with third-party security vendors for its Copilot for Security users.
These additions aim to enhance Copilot's capabilities across key areas including threat intelligence, incident response, and data protection.
"These plugins enable you to extend the capabilities of leading security vendors across the industry, from threat intelligence to incident response, data protection, and more," Microsoft said, disclosing this addition in a blog post today.
"These plugins were co-developed by Microsoft and third-party independent software vendors (ISVs) to meet you where you are, no matter what security tools you use," the company added.
Among the notable additions to Copilot for Security are plugins from several prominent security vendors, each offering unique features and functionalities:
CIRCL.lu: Allows users to query file hashes against the Computer Incident Response Center Luxembourg's (CIRCL) known database of files, aiding in the identification of malicious or suspicious files.
Crowdsec: Enhances network security with detailed insights into IP reputations, classifications, and historical activity to preemptively identify potential threats.
CyberArk: Provides insights on privileged accounts and offers a quick remediation framework for customers leveraging CyberArk's Privilege Cloud.
Darktrace: Leverages threat detection and remediation insights from Darktrace's ActiveAI Security platform.
Jamf: Offers easy access to inventory and security insights from devices managed by Jamf Pro.
GreyNoise Community & Enterprise: Allows users to query GreyNoise APIs for critical IP lookups and context, filtering out benign or irrelevant IP addresses.
RedCanary: Utilizes Red Canary's managed detection and response platform to safeguard endpoints, network, and cloud workloads from emerging threats.
ReversingLabs: Provides insight into file reputation and analysis reports for quicker triage and response times.
Shodan: Enhances visibility into an organization's internet-facing assets using Shodan.
URLScan: Enables users to scan and analyze URLs to detect phishing sites or malicious websites.
Additionally, existing Copilot for Security plugins have been updated to introduce new capabilities, including streamlined incident and threat response, enhanced visibility into cloud applications, real-time endpoint data analysis, and SaaS security posture management.
Customers can access these third-party plugins via the "Sources" section within Copilot for Security and install them as needed.
Microsoft has pledged to continue expanding the platform by adding more plugins in the coming months, further bolstering its cybersecurity capabilities and empowering organizations to defend against evolving threats.