With increasingly frequent and sophisticated cyber attacks hitting every sector, companies must continually evolve their security strategies. Microsoft 365 enhanced security features make that easier with the introduction of Microsoft Security Copilot, along with new features in Microsoft Defender and Microsoft Entra.
Microsoft Security Copilot: AI-powered Security Assistant
In March, Microsoft introduced Microsoft Security Copilot, which combines generative AI with a security-specific model from Microsoft. It also integrates with existing Microsoft security products and soon with third-party tools. This powerful combination increases defender efficiency and capabilities, enabling them to respond at the speed and scale of AI.
For example, using natural language, a security professional might ask how to remediate an incident involving Emotet malware. Security Copilot will generate organization-specific guidance using signals and data from various security tools and Microsoft Defender Threat Intelligence. It synthesizes this data into actionable insights with step-by-step instructions.
According to Microsoft, Security Copilot preview customers have already reported significant time savings on core security operations tasks. Additional benefits include:
- Expert guidance informed by 65 trillion daily signals.
- Ability to respond to incidents in minutes instead of hours or days.
- Predictive guidance to help security teams get ahead of cyberthreats.
- Ability to bridge the cyber security talent gap by helping security professionals build their skills.
- Built-in security and privacy controls that ensure your data is never used to train other AI models.
Organizations wishing to join the Security Copilot Early Access Program should contact a Microsoft partner for more details.
Microsoft Defender New Features
Microsoft Defender delivers unified protection across endpoints, email, cloud apps, IoT devices, and more. And this year, Microsoft added several enhancements to Defender to help organizations detect and remediate threats faster and more effectively.
For instance, organizations that subscribe to Microsoft Defender Threat Intelligence can now access Threat Intelligence directly within Microsoft 365 Defender. Threat Intelligence streamlines incident triage and response by gathering threat data from across the internet and simplifying analysis.
In addition, Defender now includes email notifications for manual or automated actions taken in Microsoft 365 Defender. This allows key personnel to stay informed of actions taken by the security team or by the system to remediate threats. Through the portal, administrators can configure email notifications for different scenarios and recipients.
Microsoft also continues to enhance the capabilities of Defender for Cloud and Defender for IoT. Defender for Cloud allows security teams to monitor and secure cloud resources from a single dashboard, leveraging advanced analytics and machine learning. Defender for IoT, on the other hand, provides critical visibility into the IoT device inventory, traffic patterns, and vulnerabilities.
Microsoft Defender features in preview mode include mobile threat defense to protect mobile devices from phishing attacks and device vulnerabilities. Other features in preview include a monthly security summary and a device exposure score that helps assess device risk levels.
Microsoft Entra Improvements
The Microsoft Entra product family, including Azure AD, provides streamlined identity and access management. Several new features help companies personalize and secure access to applications while protecting external identity.
For instance, with Microsoft Entra Verified ID, organizations can now verify user identity with biometric or cryptographic methods. They can issue verifiable credentials such as digital passports, health cards, and more. And they can accept verifiable credentials from users to grant them access to applications or services.
Additionally, Microsoft Entra External ID (now in preview) offers a next generation customer identity access management platform. Businesses can easily capture and validate customer information and apply adaptive access policies based on risk level or context. They can also enable self-service capabilities such as password reset or account recovery.
Take Advantage of Microsoft 365 Enhanced Security
These improvements to Microsoft 365 security aim to streamline the process of securing critical data assets and systems. However, determining which features to implement and how to configure them properly requires a learning curve. The Microsoft security experts at eMazzanti can help. Sign up today for a workshop on Microsoft 365 Security and Cloud Backup.