THE PROMPT for Copilot for Security - Issue #9
Weirdly enough
My Prompts
Happy Friday, everyone and welcome back!
In this edition I’m excited to introduce:
The Copilot for Security SCU Optimizer Solution. This innovative tool is designed to simplify cost management and enhance operational efficiency for your organization.
Learn how to harness the power of KQL Plugins for enhanced security insights and discover how to customize and optimize Copilot for Security with the custom Data Security plugin.
Stay ahead in the ever-evolving cybersecurity landscape with our comprehensive guides and updates.
…
You may have noticed this bi-weekly newsletter also delivered last week. I don’t yet have anything to announce for this newsletter’s frequency, only that last week was a catch-up week. This newsletter failed to deliver on its regular schedule a couple weeks ago.
You can expect delivery to go back to regularly scheduled programming after this week.
…
Talk soon.
-Rod
Community Prompts
Introducing the Copilot for Security SCU Optimizer Solution - As someone who has been deeply involved in customer conversations since Copilot for Security was launched, I’ve witnessed firsthand the concerns and hurdles organizations face. That’s why I developed the Copilot for Security SCU Optimizer—a solution designed to simplify cost management and enhance operational efficiency.
Harnessing the power of KQL Plugins for enhanced security insights with Copilot for Security - Copilot for Security is a generative-AI powered security solution that empowers security and IT professionals to respond to cyber threats, process signals, and assess risk exposure at the speed and scale of AI. As we build Copilot for Security, we are guided by four principles that shape the product’s vision: Intuitiveness, Customizability, Extensibility and adherence to Responsible AI principles. Plugins are a great example of how we bring the principles of customizability and extensibility alive within the product. In line with this, Copilot for Security allows customers to bring in signals from not just Microsoft solutions but also several third-party security solutions via plugins. Today, the platform supports three types of plugins: API, GPT and KQL-based plugins. KQL-based plugins can ingest insights into Copilot from three sources: Log Analytics workspaces-including data from custom tables, M365 Defender XDR and Azure Data Explorer (ADX) clusters.
Learn how to customize and optimize Copilot for Security with the custom Data Security plugin - This is a step-by-step guided walkthrough of how to use the custom Copilot for Security pack for Microsoft Data Security and how it can empower your organization to understand the cyber security risks in a context that allows them to achieve more. By focusing on the information and organizational context to reflect the real impact/value of investments and incidents in cyber. We are working to add this to our native toolset as well, we will update once ready.
Cybersecurity in a context that allows your organization to achieve more - You don't need us to tell you about the current Cyber Security threat landscape, if you are reading this blog post you already know. You are also aware that the absence of evidence for a breach is not the same as not being breached and that your cyber security posture is constantly being assessed by adversaries. This is not becoming easier with the boom of AI and related services that are leading to a boom in data processing in combination with new capabilities for threat actors. Or... could it?
Event Prompts
Come join us on September 4th to talk about how you can use Copilot for Security in Purview for your data security investigations! - In this session you will learn about Copilot for Security in Purview, how it works and see demos of how can be used to address business challenges, simplify and speed investigations. This session is for anyone that would like to learn more about what Copilot for Security in Purview is and how to use it.
Audio/Visual Prompts
Did you miss this year’s Copilot for Security themed partner month on The Microsoft Security Insights Show? Catch all the episodes in the partner month playlist:
https://youtube.com/playlist?list=PLT7gsT16FK5aG89yCZUnnUjL5YfSPKB9B&si=HudltLk3E4LRqMB0
Collateral Prompts
Microsoft Security in the Era of AI - The Ultimate Skilling Guide - Designed for Business Leaders and Security Professionals, this eBook contains insights on how to keep your organization secure by building the skills to leverage the AI-powered Microsoft Security suite - including the latest Microsoft Copilot for Security.
News Prompts
Copilot integration in device query - Public preview
Type: New feature
Experience: Embedded
You can now use Copilot in Microsoft Intune's device query page to help you craft KQL queries. Just use natural language to ask about a device in Microsoft Intune, and Copilot will generate a KQL query that you can run to get the answer.
For more information, see Query with Copilot in device query.
Prompt of the Week
Copilot for Security Prompt of the Day: Explain the potential motive behind the observed security incident in Microsoft Sentinel incident <incident_number>.
https://github.com/rod-trent/Copilot-for-Security/blob/main/Prompts/Plugins/Sentinel.md
Every day of the work week, there’s a new Copilot for Security Prompt of the Day. This is an effort to help with your creativity and supply ideas for things to help you use Copilot for Security to its fullest. You can find every prompt here: https://rodtrent.substack.com/notes
Or use the Copilot for Security Prompt Library to keep your prompting chops fresh. Copilot for Security Prompt Library: https://aka.ms/CfSPromptLibrary