Copilot Security Solutions | Softcat
Skip to main content

Login to eCAT

Customer Support
Contact Sales

Copilot for security

Copilot security solutions from Softcat
Softcat PPT Background Corner Lit Radial Aubergine Gradient RGB Softcat PPT Background Corner Lit Radial Aubergine Gradient RGB

What is Copilot for security?

Microsoft Copilot for Security is a generative AI powered security solution. Its goal is to improve efficiency, accuracy and capabilities of security teams to perform at machine speed and scale.

Copilot for Security seamlessly integrates with the Microsoft security products such as; Defender XDR Suite, Entra, Intune, Microsoft Sentinel and more. There is also the ability to leverage plugins where they are 3rd party plugins such as ServiceNow, Jamf, Tanium or custom/community ones to unlock features such as ‘Sending Copilot Output to Email’

Copilot for Security can transform how IT Teams and SOC analysts work by using OpenAI GPT-4’s generative AI with Microsoft’s security model that uses over 65 trillion daily signals to help triage alerts.

Watch video

Speak to our experts

Get in touch

What can it provide?

Copilot for Security can be leveraged in an immersive standalone portal OR embedded intuitively into existing familiar security products.

Standalone

This experience can help teams gain a broader context to troubleshoot and remediate incidents faster within the single Copilot for Security UX, with all these use cases enabling enriched cross-product guidance. So, you could summarize a Sentinel incident, get device context from Intune, hunt across Defender for alerts, and get identity context from Entra and data context from Purview, all in one place, all in one session, with all the enrichment and context you need to paint the full picture.

 

Embedded

Offers the intuitive experience of getting Copilot for Security guidance natively within the products that your team members already work from and are familiar with. If you’re an Entra power user, for example, you don’t have to leave that portal. You have Copilot for Security embedded natively into the portal that you’ve always used and are familiar with. This is the same for Defender XDR, Intune, Purview, and Defender for Cloud.  

cyber team 2

Use cases

Here are just three of the scenarios you can use Copilot for Security to help optimise the efficiency and accuracy of your security teams:

Script / File Analysis

Most sophisticated cyber-attacks evade detection via numerous ways by using scripts, and PowerShell command lines. These scripts are often concealed, adding complexion to detection and analysis. You’re also able to use Copilot for Security to inspect scripts without using external tools and assess whether or not they are embedded with malicious code.

Advanced Hunting

Copilot for Security allows security teams to leverage advanced hunting KQL queries by using simple natural language

Security Reports

Summarize investigations, incidents, vulnerabilities, or threats in minutes and prepare the information in ready-to-share reports. Additionally, you can create different reports using the same prompt e.g. ‘Create a technical and non-technical report based on the last month of security alerts for me to present to the board’

How is it licensed?

Copilot for Security pricing is based on a new consumption model and costs approximately $4 per SCU per hr. A Security Compute Unit (SCU) is Copilot for Security’s unit of measurement of computing capacity to run a Copilot workload.

The amount of SCUs needed depends on the complexity of the given workload. The pricing is consistent across the standalone experience and the embedded experiences as well as regions. 

The consumption-based model allows a wider range of customers to utilise it. There are no prerequisites, but for the best experience, it’s recommended that customers have MDE P2 and/or Microsoft Sentinel in order to see true value from the solution.

How can it be implemented?

While there are no explicit pre-requisites in terms of licensing, organisations do require two things, an Azure subscription and Entra ID to authenticate users.

 

Find out more

In addition to this, it’s important to note, much like Microsoft Sentinel the more sources you have integrated to Copilot for Security, the great your output and experience will be, especially if they are Microsoft solutions.

The advice we advocate for customers is to look at their adoption and deployment of Microsoft security solutions first to see if they need to invest in these solutions prior to implementation of Copilot for Security. An ideal ‘customer’ would be one who is Microsoft 365 E5 deployed and implemented alongside Microsoft Sentinel. Softcat are here to support from the first stage conversations all the way through to implementing them for you.  


Get in touch

Complete this form and we'll be in touch.

  • An open dialogue around Copilot and AI with In-house Microsoft experts & AI Experts who have been using Copilot, assessing where Copilot is appropriate in your organisation. 

  • Microsoft Experts work with you to ensure you have the right Security & Compliance tools are correctly deployed for Copilot 

  • Create an Adoption & Change Management plan to ensure your users responsibly get the most out of Copilot, setting your organisation up for the future.