Microsoft's new AI agents will fight cybercrimes: Here's how
What's the story
Microsoft has expanded its AI-driven Security Copilot with six proprietary AI agents to help security teams.
The company is also working with partners to add five more third-party agents into the mix.
The security agents will be available for preview next month.
They are designed to autonomously triage and process phishing alerts, data loss alerts, prioritize critical incidents, and monitor vulnerabilities.
Details
New AI agents to autonomously handle high-volume security tasks
Microsoft's AI security agents enable teams to autonomously handle high-volume security and IT tasks.
Phishing Triage Agent in Microsoft Defender evaluates phishing alerts to distinguish between genuine cyber threats and false alarms. It offers clear explanations for its decisions and enhances detection capabilities based on administrator feedback.
Alert Triage Agents in Microsoft Purview analyze data loss prevention and insider risk alerts, helping prioritize critical incidents while continuously improving accuracy through admin input.
Other agents
AI agent will identify necessary updates to close security vulnerabilities
Conditional Access Optimization Agent in Microsoft Entra detects new users or apps not covered by existing policies, identifies necessary updates to strengthen security, and provides quick-fix recommendations.
Vulnerability Remediation Agent in Microsoft Intune monitors and prioritizes vulnerabilities and remediation tasks, addressing app and policy configuration issues while expediting Windows OS patches with admin approval.
Threat Intelligence Briefing Agent in Security Copilot automatically compiles relevant and timely threat intelligence tailored to an organization's unique attributes and cyber threat landscape.
Enhancements
Microsoft is also enhancing its phishing protection in Teams
Along with the new AI agents, Microsoft is also enhancing its phishing protection in Microsoft Teams.
Starting next month, Microsoft Defender for Office 365 will offer enhanced protection against phishing and other cyber threats within Teams.
This includes improved defenses against malicious URLs and attachments, further strengthening Microsoft's commitment to safeguarding users from potential cyber threats.
Collaborations
Third-party agents to enhance Security Copilot's capabilities
The five third-party agents included in the Security Copilot are: Privacy Breach Response Agent by OneTrust; Network Supervisor Agent by Aviatrix; SecOps Tooling Agent by BlueVoyant; Alert Triage Agent by Tanium; and Task Optimizer Agent by Fletch.
These agents will further enhance the capabilities of Microsoft's AI-driven cybersecurity solution.
As per Microsoft, 57% of organizations report an increase in security incidents from AI usage. Password attacks make up more than 99% of the identity attacks.