Microsoft for more than a year has been infusing generative AI capabilities throughout much of its product and services portfolio – such as Microsoft 365 and Bing – through its Copilot initiative, an effort to help enterprise IT administrators, developers, and other users to get the benefits of the emerging technology in their work.

Come April 1, the IT giant’s Copilot for Security chatbot will be generally available to cybersecurity pros, giving them a tool that is designed to help them more quickly detect, quantify, and defend against the increasingly complex threats that bad actors are throwing at them.

“Copilot is informed by large-scale data and threat intelligence, including more than 78 trillion security signals processed by Microsoft each day, and coupled with large language models to deliver tailored insights and guide next steps,” Vasul Jakkal, corporate vice president for security, compliance, identity, and management, wrote in a blog post. “With Copilot, you can protect at the speed and scale of AI and transform your security operations.”

Generative AI in Security Brings Rewards, Risks

The explosive innovation and adoption of generative AI and large-language models (LLMs) over the past 16 month as become a double-edge sword for those in the cybersecurity space. For defenders, the technology is enabling them to more quickly churn through massive amounts of data to detect and mitigate cyberattacks and vulnerabilities, predict future threats, become more efficient, accelerate workflows, and shift from a reactive to a proactive stance.

“The potential for GenAI to impact the cybersecurity space is tremendous,” Lucia Stanham, product marketing manager at CrowdStrike, wrote in a blog post in November. “Just as it can learn and replicate patterns in text, it can also learn from patterns found in cyber threats or vulnerabilities, or learn the documentation of security products to enable analysts to rapidly query their security tools.”

That said, cybercriminals also are able to use generative AI tools to make their operations more effective, from writing better phishing emails to better researching potential victims to finding vulnerabilities in open source software. They’re also increasingly targeting AI apps for vulnerabilities they can find there.

The market for generative AI is expected to grow quickly, with MarketsandMarkets predicting a jump from $2.5 billion this year to $14.5 billion by 2030 – an average of 34% a year – driven in large part by the growing frequency and sophistication of cyberattacks.

When Jakkal first announced Copilot for Security a year ago, he noted that cybersecurity is more than simply planning defenses to reduce the cost, complexity, and risk that threats and attacks bring. “It’s also a real-time intelligence game for us,” he said. “It’s about how we translate our products and the trillions of threat signals we see every day into one feedback cycle to improve operational security posture.”

Includes Tech from Microsoft and OpenAI

Copilot for Security, which will touch all products in Microsoft security portfolio, is a combination of OpenAI’s GPT-4 LLM and a security-specific model from Microsoft. It’s already shown the ability to make defenders more agile, faster, more accurate, and more efficient. According to a second study conducted by the company with experienced security analysts – the first was done with security novices – those testing the tool were 22% faster using Copilot, 7% more accurate across all their tasks, and 12% more accurate in their script analysis work.

In addition, 97% said they wanted to use Copilot the next time they perform the same task, Jakkal wrote.

“The combined results of both studies demonstrate that everyone – across all levels of experience and types of expertise – can make gains in security with Copilot,” he wrote.

Pay-as-You-Go Pricing

Unlike other Copilots for Microsoft 365 and other offerings – which are delivered via a monthly charge – Copilot for Security will be offered through a provisioned pay-as-you-go model of $4 an hour. The goal is to make it more accessible to a wider range of organizations.

“With this flexible, consumption-based pricing model, you can get started quickly, then scale your usage and costs according to your needs and budget,” Jakkal said.

The tool, which will support 25 different languages and has more than 100 partners that includes managed service providers and independent software vendors, also will come with new features, including custom promptbooks, that will let organizations create and save their own natural language prompts.

There also will be knowledge-based integrations – provided in preview – to allow enterprises to include their search and query their own proprietary content, an increasingly important function in generative AI products and services for organizations that increasingly want to custom models to fit their specific needs but worry about such sensitive data leaking.

Third-party partners also are developing integrations and services. In addition, enterprises can use Copilot for Security to identity and analyst up-to-date information about their external attack surface risks, Microsoft Entra audit and diagnostic logs for analysis of IT issues or more insight during security investigations, or dashboard insights to see how they can better optimize Copilot.