(Credit: Microsoft)
A year after introducing it, Microsoft is ready to launch Copilot for Security, a GPT-4-powered program designed to help cybersecurity workers investigate and stop hacks.
Copilot for Security will be available for all customers globally on April 1, with support for seven additional languages, along with English. This comes as the company spent the last months previewing the technology with hundreds of companies during an early access period.
Copilot for Security is a standalone product featuring plugin support so it can receive data from third-party cybersecurity products. The program can also connect to Microsoft’s existing cloud security offerings, including Microsoft Defender 365, giving customers another tool to help protect their IT networks.
According to Microsoft, the goal for Copilot for Security isn’t to replace human workers or existing security products. Rather, the ChatGPT-like program is designed to act as an assistant that can harness existing cybersecurity tools and help professionals respond to and investigate potential hacking incidents. The technology takes the cybersecurity intel a company receives from its network to summarize incident reports, and point out potential threats and the corresponding actions that an IT administrator should take to address the danger.
In a demo, Microsoft showed the program explaining how a flagged IP address or computer script detected in a network has been tied to select cybercriminal groups. Copilot for Security can also reverse-engineer malware and write reports for a non-technical audience about a security incident, making it easy to share the intelligence across a company.
The technology promises to give cybersecurity defenders a potent tool to beat back cybercrime, which continues to surge, says Microsoft CVP for Security Vasu Jakkal. “The feedback we got from our early access program has been incredible,” she said during a Tuesday press briefing.
"The data we have from early career professionals show us it’s making them faster, more productive,” said Jakkal, who noted they performed 26% faster with their accuracy going up by 35%. More experienced cybersecurity professionals also reported working about 22% faster while receiving a 7% productivity bump.
But according to Jakkal, the most important feedback shows that 97% of the people who tried Copilot for Security wanted to use it again. PCMag also spoke with Rui Correia, a security operations manager at Signode who’s been using the product. He found that Copilot for Security is adept at streamlining the work his team does, which includes monitoring security threats and responding to them. The product can quickly churn out reports and summarize the threats in easy-to-understand language, saving his team time.
“If we want to understand what malware is doing, or what obfuscated commands an attacker is trying to run, we can put them in Copilot, and it tells us, ‘Hey this is what this does. This is what the malware is trying to do,’” he said, allowing the customer to ditch running their own sandbox to investigate the malware.
“In terms of the actual quality of the analysis, I haven’t had any issues with it myself, de-coding commands, de-coding malware,” Correia added. “It’s like talking to another person instead of having to read all the technical details, and it lowers the entry barrier for doing malware analysis as well."
Still, OpenAI’s GPT technology can sometimes produce the wrong information, so the program includes disclaimers under each answer, telling users to verify its findings. Users can also flag the answers to Microsoft for review. In addition, Copilot for Security will explain why it's flagged a piece of activity as malicious, citing sources.
Microsoft plans on selling Copilot for Security through a “pay as you go” licensing model. The company is still finalizing that model, but says: “with this flexible, consumption-based pricing model, you can get started quickly, then scale your usage and costs according to your needs and budget.”