Take Flight with Microsoft Security Copilot Flight School
Greetings pilots, and welcome to another pioneering year of AI innovation with Security Copilot. Find out how your organization can reach new heights with Security Copilot through the many exciting announcements on the way at both Microsoft Secure and RSA 2025. This is why now is the time to familiarize yourself and get airborne with Security Copilot. Go to School Microsoft Security Copilot Flight School is a comprehensive series charted to take students through fundamental concepts of AI definitions and architectures, take flight with prompting and automation, and hit supersonic speeds with Logic Apps and custom plugins. By the end of the course, students should be equipped with the requisite knowledge for how to successfully operate Security Copilot to best meet their organizational needs. The series contains 11 episodes with each having a flight time of around 10 minutes. Security Copilot is something I really, really enjoy, whether I’m actively contributing to its improvement or advocating for the platform’s use across security and IT workflows. Ever since I was granted access two years ago – which feels like a millennium in the age of AI – it’s been a passion of mine, and it’s why just recently I officially joined the Security Copilot product team. This series in many ways reflects not only my passion but similar passion found in my marketing colleagues Kathleen Lavallee (Senior Product Marketing Manager, Security Copilot) Shirleyse Haley (Senior Security Skilling Manager), and Shateva Long (Product Manager, Security Copilot). I hope that you enjoy it just as much as we did making it. Go ahead, and put on your favorite noise-cancelling headphones, it’s time, pilots, to take flight. Log Flight Hours There are two options for watching Security Copilot Flight School: either on Microsoft Learn or via the Youtube Playlist found on the Microsoft Security Youtube Channel. The first two episodes focus on establishing core fundamentals of Security Copilot platform design and architecture – or perhaps attaining your instrument rating. The episodes thereafter are plotted differently, around a standard operating procedure. To follow the ideal flight path Security Copilot should be configured and ready to go – head over to MS Learn and the Adoption Hub to get airborne. It’s also recommended that pilots watch the series sequentially, and be prepared to follow along with resources found on Github, to maximize learning and best align with the material. This will mean that you’ll need to coordinate with a pilot with owner permissions for your instance to create and manipulate the necessary resources. Episode 1 - What is Microsoft Security Copilot? Security is complex and requires highly specialized skills to face the challenges of today. Because of this, many of the people working to protect an organization work in silos that can be isolated from other business functions. Further, enterprises are highly fragmented environments with esoteric systems, data, and processes. All of which takes a tremendous amount of time, energy, and effort just to do the day-to-day. Security Copilot is a cloud-based, AI-powered security platform that is designed to address the challenges presented by complex and fragmented enterprise environments by redefining what security is and how security gets done. What is AI, and why exactly should it be used in a cybersecurity context? Episode 2 - AI Orchestration with Microsoft Security Copilot Why is The Paper Clip Pantry a 5-star restaurant renowned the world over for its Wisconsin Butter Burgers? Perhaps it’s how a chef uses a staff with unique skills and orchestrates the sourcing of resources in real time, against specific contexts to complete an order. After watching this episode you’ll understand how AI Orchestration works, why nobody eats a burger with only ketchup, and how the Paper Clip Pantry operates just like the Security Copilot Orchestrator. Episode 3 – Standalone and Embedded Experiences Do you have a friend who eats pizza in an inconceivable way? Maybe they eat a slice crust-first, or dip it into a sauce you never thought compatible with pizza? They work with pizza differently, just like any one security workflow could be different from one task team, or individual to the next. This philosophy is why Security Copilot has two experiences – solutions embedded within products, and a standalone portal – to augment workflows no matter their current state. This episode will begin covering those experiences. Episode 4 – Other Embedded Experiences Turns out you can also insist upon putting cheese inside of pizza crust, or bake it thick enough as to require a fork and knife. I imagine, it’s probably something Windows 95 Man would do. In this episode, the Microsoft Entra, Purview, Intune, and Microsoft Threat Intelligence products showcase how Security Copilot advances their workflows within their portals. Beyond baking in the concepts of many workflows, many operators, the takeaway from this episode is that Security Copilot works with security adjacent workflows – IT, Identity, and DLP. Episode 5 – Manage Your Plugins Like our chef in The Paper Clip Pantry, we should probably define what we want to cook, what chefs to use, and set permissions for those that can interact within any input or output from the kitchen. Find out what plugins add to Security Copilot and how you can set plugin controls for your team and organization. Episode 6 – Prompting Is this an improv lesson, or a baking show? Or maybe if you watch this episode, you’ll learn how Security Copilot handles natural language inputs to provide you meaningful answers know as responses. Episode 7 – Prompt Engineering With the fundamentals of prompting in your flight log, it’s time to soar a bit higher with prompt engineering. In this episode you will learn how to structure prompts in a way to maximize the benefits of Security Copilot and begin building workflows. Congrats, pilot, your burgers will no longer come with just ketchup. Episode 8 – Using Promptbooks What would it look like to find a series of prompts and run them, in the same sequence with the same output every time? You guessed it, a promptbook, a repeatable workflow in the age of AI. See where to access promptbooks within the platform, and claw back some of your day to perfect your next butter burger. Episode 9 – Custom Promptbooks You’ve been tweaking your butter burger recipe for months now. You’ve finally landed at the perfect version by incorporating a secret nacho cheese recipe. The steps are defined, the recipe perfect. How do you repeat it? Just like your butter burger creation, you might discover or design workflows with Security Copilot. With custom promptbooks you can repeat and share them across your organization. In this episode you’ll learn about the different ways Security Copilot helps you develop your own custom AI workflows. Episode 10 – Logic Apps System automation, robot chefs? Actions? What if customers could order butter burgers with the click of a button, and the kitchen staff would automatically make one? Or perhaps every Friday at 2pm a butter burger was just delivered to you? Chances are there are different conditions across your organization that when present requires a workflow to being. With Logic Apps, Security Copilot can be used to automatically aid workflows across any system a Logic App can connect to. More automation, less mouse clicking, that’s a flight plan everyone can agree on. Episode 11 – Extending to Your Ecosystem A famed restaurant critic stopped into the The Paper Clip Pantry butter burger, and it’s now the burger everyone is talking about. Business is booming and it's time to expand the menu – maybe a butter burger pizza, perhaps a doughnut butter burger? But you’ll need some new recipes and sources of knowledge to achieve this. Like a food menu the possibilities of expanding Security Copilot’s capabilities are endless. In this episode learn how this can be achieved with custom plugins and knowledgebases. Once you have that in your log, you will be a certified Ace, and ready to take flight with Security Copilot. Take Flight I really hope that you not only learn something new but have fun taking flight with the Security Copilot Flight School. As with any new and innovative technology, the learning never stops, and there will be opportunities to log more flight hours from our expert flight crews. Stay tuned at the Microsoft Security Copilot video hub, Microsoft Secure, and RSA 2025 for more content in the next few months. If you think it’s time to get the rest of your team and/or organization airborne there’s check out the Security Copilot adoption hub to get started: aka.ms/SecurityCopilotAdoptionHub Other Resources Our teams have been hard at work building solutions to extend Security Copilot, you can find them on our community Github page found at: aka.ms/SecurityCopilotGitHubRepo To stay close to the latest in product news, development, and to interact with our engineering teams, please join the Security Copilot CCP to get the latest information: aka.ms/JoinCCPMicrosoft Security Copilot Achieves PCI DSS Certification
We are excited to announce that Microsoft Security Copilot has achieved the Payment Card Industry Data Security Standard (PCI DSS) certification, a significant milestone in our ongoing commitment to security excellence. This certification highlights our dedication to protecting sensitive payment information and staying ahead of increasingly sophisticated cyber threats in today’s digital landscape. You can access the certification by visiting the Service Trust Portal and searching for "Copilot for Security." Why PCI DSS Certification Matters PCI DSS is the global standard for securing credit card data and preventing fraud, setting rigorous requirements for organizations handling sensitive payment information. Achieving PCI DSS compliance is not just a regulatory requirement, but a crucial part of maintaining customer trust and ensuring business continuity. Research from the U.S. Federal Trade Commission (FTC) shows that consumers are increasingly concerned about the security of their personal and payment data. PCI DSS compliance reassures customers that their data is being handled securely. With the growing frequency and sophistication of cyberattacks, businesses must adopt these security standards to safeguard data and reduce the financial and reputational risks of breaches. Expanding Our Commitment to Security and Compliance In addition to PCI DSS, Microsoft Security Copilot has already achieved several other critical certifications, including SOC 2, ISO 27001, ISO 27018, ISO 27017, ISO 27701, ISO 20000-1, ISO 9001-1, ISO 22301, and HITRUST CSF. These certifications demonstrate our proactive approach to navigating complex regulatory requirements and continually enhancing our security infrastructure. We are fully compliant with HIPAA through Business Associate Agreements (BAA), ensuring adherence to healthcare regulations and safeguarding sensitive health data. How PCI DSS Certification and Our Expanded Portfolio Benefit You With Microsoft Security Copilot’s robust certification portfolio, our customers enjoy a wide range of benefits: Enhanced Security: PCI DSS and other certifications enforce rigorous security measures that help protect payment data and reduce the risk of data breaches and fraud. Streamlined Compliance: By using Security Copilot, customers can rely on a certified platform that simplifies their compliance efforts, saving both time and resources. Increased Trust: Achieving these certifications signals our unwavering commitment to data protection, fostering trust with customers and stakeholders. Clear Responsibility Models: With the Azure PCI DSS Responsibility Matrix and other compliance frameworks, Microsoft and our customers have a shared understanding of security responsibilities, ensuring clarity in meeting compliance requirements. Next Steps To learn more about how Microsoft Security Copilot can enhance your organization's cybersecurity posture and compliance efforts, please visit our dedicated product page. For more details on our full range of compliance offerings, including SOC 2 and other certifications, please visit the Microsoft Service Trust Portal. Microsoft is proud of this achievement and looks forward to continuing to support our enterprise customers in their pursuit of secure and compliant operations through Microsoft Security Copilot. To see Security Copilot in action, contact our sales team to schedule a personalized demo or request a quote. We are committed to supporting you throughout every step of your journey.
Updates to Security Admin permissions for Microsoft Copilot for Security
Security Admins will soon have an expanded authority to control Microsoft security products to access Microsoft 365 Customer Data. Within Microsoft Copilot for Security, the purpose of this is to allow users to query information directly from those M365 products in the standalone and embedded experiences.
LeVar Burton joins Vasu Jakkal to share his hope for transformative technologies like generative AI
LeVar Burton sat down for the fireside chat as part of a broader campaign to explain how generative AI will change the world of Security. To learn more about Microsoft Copilot for security go toaka.ms/CopilotForSecurity. To learn more about LeVar Burton go to levarburton.com.Microsoft Copilot for Security Defender Threat Intelligence and Threat Analytics Plugin Overview
Copilot for Security delivers information about threat actors, indicators of compromise (IOCs), tools, and vulnerabilities, as well as contextual threat intelligence from Microsoft Defender Threat Intelligence (MDTI) and Threat Analytics (TA).
