After a rollout period, Microsoft is ready to allow third-party plugins in Copilot for Security. Some add many new features to Copilot.

With Copilot for Security, Microsoft brought generative AI for cybersecurity into beta at the end of last year. Six months later, Microsoft successfully completed the testing phase with the general availability of Copilot for Security at the end of March.

The early access phase has already shown that security teams see a benefit in an AI assistant, at least according to Microsoft. Security teams reported that with Copilot they were able to work 22 percent faster and accuracy across all tasks increased by seven percent. 97 percent of those who have already tried Copilot for Security would like to continue using the tool.

Now Microsoft allows external plug-ins to make the AI ​​assistant even more flexible. “These plug-ins were developed jointly by Microsoft and independent third-party software vendors (ISVs) to help you stay put, regardless of the security tools you use.”

The plugins are available in public preview. You can enable all of this:

• CIRCL.lu – Search for various file hashes in the well-known Computer Incident Response Center Luxembourg (CIRCL) file database. This can help you identify malicious or suspicious files and take appropriate action.
• Crowdsec – Increase the security of your network with CrowdSec Threat Intelligence: Get detailed insights into IP reputations, advanced classifications, historical activity and behavior patterns of potential threats to stay one step ahead of cyber attackers.
• CyberArk – Gain visibility into privileged accounts and provide a rapid recovery framework for customers using Cyberark Privilege Cloud (PAM SaaS).
• Darktrace – Leverage threat detection and remediation insights from Darktrace’s ActiveAI security platform.
• Jamf – Easily access inventory and security insights from your Jamf Pro managed devices.
• GreyNoise Community & Enterprise – Query GreyNoise Community and Enterprise APIs to enable IP lookups, context and other key details in GreyNoise noise datasets. This can help you filter out harmless or irrelevant IP addresses and focus on those that pose a real threat.
• RedCanary – Leverage Red Canary’s Managed Detection and Response (MDR) platform to protect endpoints, networks, cloud workloads, identities and SaaS applications from emerging threats.
• Reversing Labs – Gain insight into file reputation and analytics reports for faster triage and response times with ReversingLabs’ Spectra Intelligence platform.
• Shodan – Give users a better overview of your organization’s web-based assets with Shodan.
• URLScan – Scan and parse a URL with urlscan.io. This allows you to detect phishing pages, fake brands, or other malicious websites and prevent them from putting your users or system at risk.

Other plugins for Copilot for Security have also revealed some new features:

• Cyware response – Streamline incident and threat response with Cyware Respond’s robust threat response automation platform
• Netskope – Collect information about events and alerts in your Netskope infrastructure. This can help you monitor and protect your cloud applications and data from threats and risks.
• SGNL – Maintain a zero-privilege posture with cross-ecosystem visibility and insights. Gain visibility into detailed access decisions and trends across your SGNL assets.
• Tanium – Empower analysts of all levels to make informed decisions and confidently take decisive action using Tanium’s real-time endpoint data.
• Valence Security – Find and remediate SaaS risks with SaaS security management and threat detection. Protect business-critical data with visibility into SaaS permissions, activity, SaaS-to-SaaS integrations, and misconfiguration risks.

With Copilot for Security, you only pay when you actually use the chatbot: Microsoft charges four dollars per hour. Microsoft says it wants to lower the barrier to entry for Copilot for Security.