Microsoft Unveils Agents for Security Copilot and New Protections for AI

At a time when Artificial Intelligence (AI) is playing an increasingly central role, protecting it and using it to enhance security has become a priority for organizations. With this goal in mind, Microsoft has announced a set of new features for Microsoft Security Copilot, including the launch of six specialized agents designed to accelerate and improve the accuracy of incident responses, as well as introduce new layers of protection for AI.

These six agents are designed to learn from team feedback, adapt to existing workflows, and operate securely, aligned with Microsoft’s Zero Trust approach. With full control in the hands of security teams, the agents help prioritize risks, speed up incident response, and increase the effectiveness of Microsoft solutions, strengthening organizations’ security posture.

Available across Microsoft’s security platform, the agents are tailored for specific roles:

• Phishing Triage Agent (Microsoft Defender): Analyzes phishing alerts, distinguishes real threats from false positives, and continuously improves based on administrator feedback.
• Alert Triage Agents (Microsoft Purview): Assess data loss and insider risk alerts, prioritizing the most critical and adjusting based on feedback.
• Conditional Access Optimization Agent (Microsoft Entra): Monitors users and apps outside existing policies, identifies gaps, and suggests quick fixes.
• Vulnerability Remediation Agent (Microsoft Intune): Prioritizes vulnerabilities and remediation tasks, accelerating patch deployment with admin approval.
• Threat Intelligence Briefing Agent (Security Copilot): Automatically selects relevant threat intelligence based on the organization’s profile.

 

Commitment to AI Security

According to Microsoft, 57% of organizations have already seen an increase in security incidents related to AI usage. Despite this, 60% have yet to implement adequate controls. 

Key concerns include excessive data sharing, new vulnerabilities, and compliance with constantly evolving regulations. To address these challenges, Microsoft is launching advanced new features to help organizations protect their AI investments.

Highlights include a new feature in Microsoft Purview that enables investigation of risks associated with sensitive data exposure through AI.

Other updates include:

• Microsoft Defender support for Google VertexAI and Azure AI Foundry models;
• AI web category filtering in Microsoft Entra to mitigate shadow AI risks;
• Enhanced phishing protection in Teams via Microsoft Defender for Office 365.

With Microsoft Threat Intelligence detecting around 84 billion signals per day — including 7,000 password attacks per second — the investment in AI agents becomes essential to keep up with evolving threats. These innovations are part of Microsoft’s strategy to adopt an “AI-first” approach to security, with a unified and scalable platform focused on protecting identities, devices, data, and applications.

^{Source: Microsoft}