Microsoft taps into OpenAI's GPT-4 for a security co-pilot that can analyze vulnerabilities

Microsoft will use OpenAI's generative AI models to strengthen its cybersecurity products. The big tech company announced a Security Copilot based on Open AI’s GPT-4 technology, a large-scale, multimodal model which can accept image and text inputs and produce text outputs, is aimed at security professionals to identify and protect against cyber-attacks. 

The Security Copilot is a simple prompt box that will help security analysts with tasks like summarizing incidents, analysing vulnerabilities and sharing information with co-workers on a pinboard, the company mentioned in the company’s official blog. 

The assistant will use Microsoft’s security-specific model, which the company described as “a growing set of security-specific skills” that is fed with more than 65 trillion signals every day”. 

“Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers,” said Vasu Jakkal, corporate vice president, Microsoft Security mentioned in the blog. “With Security Copilot, we are shifting the balance of power into our favour,” she added. 

The blog also mentions that Microsoft Security team is currently monitoring over 50 ransomware gangs and more than 250 distinct cybercriminal organisations associated with nation-states.  

Microsoft also maintained that its technology helps prevent more than 25 billion password theft attempts per second. Moreover, Microsoft has over 8,000 security professionals who analyse a vast number of security signals. On average, Microsoft’s Security Operations Center analysts utilise over 100 distinct data sources. 

Additionally, Security Copilot natively integrates with a growing list of Microsoft Security products, such as Sentinel and Defender, to assist customers. Security Copilot will also continually learn and improve to help ensure that security teams are operating with the latest knowledge of attackers, their tactics, techniques and procedures. 

In an interview with Bloomberg on Tuesday, Jakkal said that “it takes one hour and 12 minutes on average for an attacker to get full access to your inbox once a user has clicked on a phishing link. It used to be months or weeks for someone to get access.” According to her, these new capabilities enabling Copilot-assisted admins to respond within minutes to emerging security threats, rather than days or weeks after the exploit is discovered. 

Further in July 2021, Microsoft had acquired security software providers such as RiskIQ and a year later bought cyber threat analysis and research company Miburo to boost threat intelligence research. These acquisitions have also enabled Microsoft to gain a wide range of signals and in-depth intelligence on threat actors.  

Earlier this month Microsoft had also announced the launch of Microsoft Dynamics 365 Copilot, touted to be the world’s first copilot in both customer relationship management (CRM) and enterprise resource planning (ERP).  Last week, Microsoft also unveiled ‘Copilot X’, an upgraded version of Copilot, its AI code assistant with added GPT-4 capabilities to GitHub.