Microsoft Enhances Cybersecurity with New Security Copilot Agents and Advanced AI Protections

Cloud
Share on Pinterest Share on LinkedIn

Sure! Here’s the translation into American English:

The company introduces six new AI-based agents to automate critical security tasks and protect corporate environments against emerging threats, along with new solutions to prevent data leaks to unauthorized AI applications.

Microsoft has announced a significant evolution of its Security Copilot platform, with the launch of AI agents designed to autonomously assist in key areas such as identity management, phishing protection, and vulnerability analysis. This move addresses the unstoppable growth and complexity of cyberattacks, which already exceed human response capabilities.

Microsoft has detected over 30 billion phishing emails from January to December 2024, according to internal data. Additionally, its intelligence system processes 84 trillion signals and 7,000 password attacks per second daily, figures that highlight the need to strengthen cybersecurity through advanced automation.

Six new AI agents to bolster corporate defense

The six new Security Copilot agents will be available for preview starting in April 2025. Among them are:

  • Phishing Triage Agent: integrated into Microsoft Defender, capable of managing phishing alerts and distinguishing between real threats and false positives, providing clear explanations for its decisions.
  • Alert Triage Agent in Microsoft Purview: prioritizes alerts related to data loss and internal risks, improving accuracy through feedback from administrators.
  • Conditional Access Optimization Agent in Microsoft Entra: detects security gaps in uncovered access and recommends applicable fixes with a single click.
  • Vulnerability Remediation Agent in Microsoft Intune: monitors vulnerabilities and streamlines the application of critical patches for the Windows operating system.
  • Threat Intelligence Briefing Agent: generates automated threat intelligence reports tailored to each organization.

Collaboration with strategic partners also strengthens defenses

Alongside its own developments, Microsoft has announced the integration of five new agents from technology partners, also available in April:

  • Privacy Breach Response Agent (OneTrust): analyzes privacy breaches and offers guidelines for regulatory compliance.
  • Network Supervisor Agent (Aviatrix): performs diagnostics on issues with VPN or Site2Cloud connections.
  • SecOps Tooling Agent (BlueVoyant): assesses the state of Security Operations Centers (SOCs) and optimizes controls.
  • Alert Triage Agent (Tanium): provides additional context for decision-making in response to security alerts.
  • Task Optimizer Agent (Fletch): predicts and prioritizes critical alerts to reduce fatigue in cybersecurity teams.

New capabilities to protect corporate AI

The accelerated adoption of AI-based tools has multiplied the risks of data leaks and unknown threats. According to Microsoft’s latest report, 57% of organizations acknowledge having experienced security incidents related to the use of AI, although 60% still have not implemented specific controls.

To address this challenge, the company has introduced enhancements in Microsoft Defender to strengthen security posture in multicloud and multimodel environments, now covering platforms such as Google VertexAI, Amazon Web Services, Meta Llama, Mistral, and custom models. These new features will be available in preview in May 2025.

In addition, Defender will integrate advanced detections for emerging attacks identified by OWASP, such as indirect prompt injections or sensitive data exposure, protecting both proprietary applications and models available in Azure AI Foundry.

Combating “Shadow AI” and protecting sensitive data

The phenomenon of “Shadow AI”, or unauthorized use of AI applications within organizations, has increased the risk of sensitive data leaks. To combat this, Microsoft has announced two key measures:

  • The general availability of an AI web category filter in Microsoft Entra Internet Access, which will restrict access to unauthorized AI applications based on corporate policies.
  • The preview launch of Microsoft Purview Browser DLP controls in Microsoft Edge for Business, capable of preventing the manual entry of sensitive data into applications such as ChatGPT, Copilot Chat, DeepSeek, or Google Gemini.

Phishing protection also in Microsoft Teams

Microsoft has extended its phishing protections beyond email. Starting in April 2025, Microsoft Defender for Office 365 will include advanced defenses in Microsoft Teams, with real-time analysis of malicious URLs and attachments, providing SOC teams complete visibility of attack attempts within the collaboration platform.

A firm step towards a more secure digital environment

With these innovations, Microsoft reaffirms its commitment to comprehensive and automated cybersecurity, leveraging its AI-first platform and collaboration with strategic partners. The company has invited professionals and businesses to learn more about these solutions on April 9, 2025, during the digital event Microsoft Secure, focused on security in the age of artificial intelligence.

Reference: Microsoft

Share on Pinterest Share on LinkedIn
Scroll to Top