In a major push toward AI-driven cybersecurity, Microsoft has announced the expansion of its Security Copilot with advanced AI agents to strengthen protection against evolving cyber threats. The latest development introduces six Microsoft-built security agents and five partner-developed agents, aimed at automating critical security tasks, including phishing detection, data security, and identity management.
AI-Powered Security Agents to Combat Cyber Threats
Microsoft had launched Security Copilot a year ago to help security teams detect, investigate, and respond to threats more efficiently. Now, with the growing complexity of cyberattacks, such as 7,000 password attacks per second, Microsoft has introduced AI agents to enhance cyber defenses, Microsoft revealed in its blogpost.
“This is just the beginning; our security AI research is pushing the boundaries of innovation, and we are eager to continuously bring even greater value to our customers at the speed of AI,” \Alexander Stojanovic, Vice President of Microsoft Security AI Applied Research said.
Among the new tools is the Phishing Triage Agent in Microsoft Defender, designed to analyze phishing alerts, reducing false alarms and prioritizing real threats. Similarly, the Vulnerability Remediation Agent in Microsoft Intune helps organizations address software vulnerabilities and expedite patch management.
Other key additions include the Conditional Access Optimization Agent in Microsoft Entra, which strengthens identity security, and the Threat Intelligence Briefing Agent in Security Copilot, which curates relevant threat intelligence for organizations based on their cyber risk exposure.
Microsoft Partners Introduce AI Security Agents
Alongside its in-house solutions, Microsoft has collaborated with cybersecurity partners to introduce five additional AI security agents. Notable among them is the Privacy Breach Response Agent by OneTrust, which assists organizations in handling data breaches while ensuring compliance with regulatory standards.
Other partner-developed tools include the Network Supervisor Agent by Aviatrix, which troubleshoots VPN and network outages, and the Alert Triage Agent by Tanium, which provides security analysts with contextual insights to improve incident response.
Strengthening AI Security & Preventing Data Leaks
With the rise of generative AI, securing and governing AI applications has become a top priority for businesses. Microsoft is introducing new AI security posture management capabilities across Azure, AWS, and Google Cloud to help organizations safeguard AI applications against vulnerabilities like indirect prompt injections and data leaks.
To tackle shadow AI, where employees use unauthorized AI apps, Microsoft has unveiled AI web category filters and data loss prevention (DLP) controls in Microsoft Edge. These measures aim to prevent users from accidentally sharing sensitive data with AI applications like ChatGPT and Google Gemini.
Additionally, Microsoft Defender for Office 365 will expand phishing protection to Microsoft Teams starting in April 2025, offering real-time URL scanning and attachment security.
By continuously innovating with AI-driven security, Microsoft aims to provide end-to-end protection for organizations navigating the rapidly evolving cyber landscape.