Quorum Cyber launches Copilot for Security

The industry’s first generative AI solution will help security and IT professionals catch what others miss, move faster and strengthen team expertise.

Generally available on 1st April 2024, Microsoft Copilot for Security is set to revolutionise the way security teams conduct investigations and respond to incidents. As a proud Microsoft Copilot for Security Partner, and privy to the Microsoft Copilot for Security Partner preview, our Quorum Cyber experts are knowledgeable and skilled on this product which helps protect your organisation at the speed and scale of AI. Copilot for Security establishes a centralised command centre for defensive operations, meaning Quorum Cyber can respond quicker to incidents through Copilot, fostering deep connections to all Microsoft and non-Microsoft solutions from one place.

For example, at its core, Copilot for Security ingests and correlates security data from a wide array of sources including Microsoft Sentinel, Entra, Endpoint Manager, threat intelligence feeds, and more. It enriches this data with real-time context around vulnerabilities, active campaigns, and indicators of compromise pulled from databases like CVE (Common Vulnerabilities and Exposures). This rich data consolidation provides analysts with a comprehensive threat canvas.

Streamlining Investigative Workflows

One of the standout features of Copilot for Security is its ability to guide analysts through structured, efficient investigative workflows using an intuitive interface and pre-built prompt templates. Analysts can seamlessly look up IP reputations, de-obfuscate and analyse PowerShell scripts, and check for potentially malicious files/hashes – all without leaving Copilot for Security’s environment.

As investigations unfold, Copilot for Security automatically stitches together an executive summary report that includes all gathered insights, key evidence, and tailored recommendations for remediation. These reports can be mapped directly to compliance frameworks such as ISO 27001, HIPAA, NIST, and many others, simplifying governance and audit requirements. As such, we can improve customers’ security and compliance posture over time, linking this to real-life incidents, meaning there’s real value in proving to your auditors that your organisation is compliant.

Enhancing Collaboration and Institutional Knowledge

Pivotal to Copilot for Security’s design is its integration with external data, such as Quorum Cyber’s Clarity platform for unified case management.

All within the same environment, analysts can:

• Instantly surface related past incidents handled by Quorum Cyber’s teams
• Tap into accumulated knowledge
• Maintain a seamless feedback loop with impacted clients.

Interactive Embedded Analysis

We have been busy showcasing Copilot for Security’s innovative embedded mode. This feature allows analysts to summon its analytical capabilities from directly within other security tools and console environments, such as Microsoft Defender. This embedded functionality opens a wide range of possibilities for on-demand analysis, pivoting, and accelerated response actions based on the situational context.

AI-Powered Acceleration for Analysts

At its heart, Copilot for Security leverages advanced AI and natural language processing to intelligently assist analysts, boost productivity, and unlock new capabilities. By streamlining data ingestion, automating reporting tasks, and providing relevant on-demand information, all while operating within Quorum Cyber’s proven managed services framework, Copilot for Security promises to be a game-changing force multiplier for security teams.

As cyber threats continue to rise in complexity and volume, Quorum Cyber’s Copilot for Security is a compelling new offering that could help defenders rapidly pinpoint and neutralise hostile activity with unrivalled efficiency.

Licensing

So, what is the cost? Copilot can be purchased as a consumption model. This means it will be easy to get started quickly and on a small scale, to experiment and learn with no upfront charges per device or user. Customers will use their existing Azure subscription or sign up for one if they are not already an Azure customer. From there, they can provision Azure capacity to support all their Copilot for Security workloads, whether  standalone or embedded. Copilot for Security capacity is anticipated to be billed monthly via a new Security Compute Unit (SCU) at the rate of $4/hr.

Readiness and Availability

Quorum Cyber is a proud member of the Microsoft for Security Partner ecosystem, empowering everyone to confidently adopt safe and responsible AI. As such, we have been preparing our customers through awareness and readiness workshops.

General availability means Copilot for Security will be available worldwide on April 1, 2024. For more information, please contact us or watch our video to learn more.