Amber Hickman |
Microsoft is launching a unified security operations platform that combines the abilities of Microsoft Sentinel, Defender XDR and Security Copilot.
The platform will provide security analysts with a comprehensive incident solution that provides a complete end-to-end view of threats across an organisation’s digital estate and streamlines the triage process.
In addition, the platform allows analysts to query all security information and event management and extended detection and response data in one place to uncover potential security threats.
Furthermore, Microsoft Security Copilot is natively embedded into the platform to provide analysts with artificial intelligence-powered guidance and automation that supports the processing of data.
“We’ve made a ton of progress on end-to-end protection, but with generative AI we can take a giant step forward, one so large that will finally tip the scales in the favour of defenders,” said Charlie Bell, executive vice president of Microsoft Security in his ‘The future of security with AI’ keynote speech at Microsoft Ignite 2023. “We can now harness everything we see and everything we own, with AI expertise that transcends the knowledge that any one individual could amass.”
Microsoft is also adding the capabilities of Security Copilot into other platforms in the Microsoft Security platform including Purview, Entra and Intune.
The unified security operations platform is now available in private preview and will move to public preview in 2024.