![Microsoft Security Copilot Agent]()
Microsoft has announced the next evolution of Microsoft Security Copilot, introducing AI agents designed to autonomously address critical security challenges such as phishing, data security, and identity management. Launched a year ago, Security Copilot empowers defenders to detect, investigate, and respond to security incidents swiftly. With cyberattacks growing in complexity and volume, Microsoft’s new AI agents aim to scale defenses and transform modern security practices.
Addressing the Phishing Epidemic
Phishing remains one of the most damaging cyber threats, with Microsoft detecting over 30 billion phishing emails targeting customers between January and December 2024. The newly unveiled Phishing Triage Agent in Security Copilot automates routine phishing alert handling, enabling human defenders to focus on complex threats. This agent provides accurate triage, easy-to-understand explanations for decisions, and continuous improvement based on admin feedback.
Expanding Security Copilot with AI Agents
Microsoft is expanding Security Copilot with six new AI agents developed in-house and five partner-built agents, available for preview starting April 2025. These agents are purpose-built for security tasks, leveraging Microsoft’s Zero Trust framework to autonomously handle high-volume IT challenges while integrating seamlessly with Microsoft Security solutions.
![Security Copilot with AI Agent]()
Key Microsoft AI Agents
- Phishing Triage Agent: Identifies real cyber threats and false alarms in phishing alerts.
- Alert Triage Agent: Prioritizes critical data loss prevention (DLP) incidents.
- Conditional Access Optimization Agent: Monitors gaps in identity policies for quick fixes.
- Vulnerability Remediation Agent: Expedites Windows OS patches and app configuration fixes.
- Threat Intelligence Briefing Agent: Curates timely threat intelligence tailored to an organization’s exposure.
.
Innovations in Data Security Investigations
Microsoft is introducing AI-powered data security investigations through Microsoft Purview to help organizations mitigate risks associated with sensitive data exposure. Available for preview in April 2025, this solution links data security investigations to Defender incidents and insider risk cases, enabling faster collaboration and mitigation of complex risks.
![Microsoft Purview]()
Securing Generative AI Adoption
As organizations rapidly adopt generative AI, Microsoft is addressing emerging challenges such as data leakage, regulatory compliance, and new attack surfaces. Key announcements include:
AI Security Posture Management: Extending coverage beyond Azure and AWS to include Google VertexAI and models like Meta Llama and Gemini.
Detection for Emerging AI Threats: New safeguards against risks like indirect prompt injection attacks will be available starting May 2025.
Shadow AI Controls: Enforcing granular access policies using Microsoft Entra internet access filters to curb unauthorized use of generative AI apps.
Data Loss Prevention (DLP) Controls: Previewing browser-based DLP controls in Edge for Business to prevent sensitive data leaks into apps like ChatGPT or Copilot Chat.
Enhancing Collaboration Security in Microsoft Teams
Microsoft Defender for Office 365 will extend phishing protection to Teams starting April 2025. This includes real-time detonation of malicious URLs and attachments within Teams conversations, providing SOC teams full visibility into related incidents.
An agentic approach to privacy will be game-changing for the industry. Autonomous AI agents will help our customers scale, augment, and increase the effectiveness of their privacy operations. Built using Microsoft Security Copilot, the OneTrust Privacy Breach Response Agent demonstrates how privacy teams can analyze and meet increasingly complex regulatory requirements in a fraction of the time required historically.
Blake Brannon, Chief Product and Strategy Officer, OneTrust
Agile Innovation for a Safer World
Microsoft continues to innovate across its security portfolio by applying the principles of its Secure Future Initiative. With industry-leading AI capabilities, Microsoft aims to empower organizations worldwide with tools to secure their operations and govern AI responsibly.
This is just the beginning; our security AI research is pushing the boundaries of innovation, and we are eager to continuously bring even greater value to our customers at the speed of AI.
Alexander Stojanovic, Vice President of Microsoft Security AI Applied Research
Microsoft’s advancements in AI-driven security solutions underscore its commitment to empowering organizations against evolving cyber threats. With cutting-edge tools like Security Copilot’s AI agents and enhanced governance capabilities for generative AI, the company is shaping the future of cybersecurity while enabling businesses to operate securely in the age of AI