Microsoft officially introduces GPT-4 into security, and industry disruption seems to be coming

When security researchers ask for the latest vulnerability information, Microsoft will also clearly indicate the source of the results. Microsoft used information from vulnerability databases from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology, and Microsoft's own threat intelligence database.

At 23:30 on March 28, Beijing time, Microsoft Security launched a global live broadcast and launched Microsoft Security Copilot - officially announcing the introduction of GPT-4 into network security.

According to Microsoft, Security Copilot will continuously learn and improve, providing continuous access to the most advanced OpenAI models to support demanding security tasks and applications.

At the same time, Security Copilot is the world's first true AI security product. It uses Microsoft's huge global threat intelligence and information provided by tens of trillions of sources every day to help enterprises with rapid detection and response. Better cope with the current increasingly severe network security situation. Security Copilot also delivers an enterprise-grade security and privacy compliance experience because it runs on the hyperscale infrastructure of Microsoft Azure.

It is worth noting that Microsoft emphasized from the beginning that the emergence of Security Copilot was not to replace the work of security personnel, but to assist security analysts in outputting value more efficiently. Security professionals, for example, can use Security Copilot to conduct incident investigations or quickly summarize incidents and help with reporting.

As Microsoft Vice President Vasu Jakkal said, "Security is always people-oriented, and this is what Microsoft Secure means." To enhance collaboration, Security Copilot also comes with a note board feature that allows colleagues to share information.

But for the network security industry, the impact of the launch of Security Copilot is no less than an earthquake. For a long time, the cybersecurity industry has been engaged in an asymmetric battle, with security personnel with limited resources competing against attackers with unlimited resources.

Therefore, cyber security has always had a dream: to introduce AI to enhance defense capabilities. Now this dream has really come true. AI is not only a weapon in the hands of network attackers, but also a strong shield in the hands of security defenders.

To some extent, the emergence of Security Copilot will also kick off the subversion of the global network security industry. Just as modern security subverts traditional security, the network security system with cloud and AI as the core will also bring about a new subversion. Coupled with ultra-large-scale threat intelligence and signals, the development of future security is even more exciting and will surely result. More opportunities.

In Microsoft's secure web page display, we can see the power of Security Copilot. Users can ask Security Copilot for suspicious user logins within a specific time period; they can even use it to create PowerPoint presentations outlining incidents and their attack chains; and can accept files, URLs, and code snippets for analysis. At the same time, Security Copilot also provides visual tools that allow security personnel to use the robot to generate demonstration files with one click to show the path of security threats.

Advantages of Security Copilot

Security Copilot continues to use a question and answer model similar to ChatGPT, where users only need natural language Ask questions and get actionable responses from Security Copilot, whose core technology is OpenAI's GPT-4 generative artificial intelligence and Microsoft's own security-specific models. It enables security teams to manage complex security situations more effectively, with the primary goal of empowering security analysts by accelerating threat intelligence aggregation and interpretation, allowing them to discover malicious activity faster when analyzing network traffic.

Microsoft summarizes the advantages of Security Copilot into the following three categories:

1. Simplify work and improve efficiency

The concealment and complexity of network attacks make attackers successful One of the secrets is also a headache for corporate security personnel. Security Copilot will simplify complexity and empower security teams by summarizing and understanding threat intelligence, helping defenders see through the noise of network traffic and identify malicious activity. Security Copilot dramatically shortens security incident response times by synthesizing data from multiple sources into clear, actionable insights and responding to incidents in minutes instead of hours or days.

2. Detect network security threats in advance

One of the advantages of AI is that it can have extraordinary analysis capabilities that humans cannot achieve. Attacks can be discovered just by relying on some extremely hidden attack traces. signal and prompt network security personnel to handle it as soon as possible. Featuring Microsoft's vast global threat intelligence, Security Copilot will assist in detecting previously overlooked threats by correlating threat activity signals and making the right connections when examining attack data. It will also help security teams uncover information others miss by correlating and aggregating attack data, prioritizing incidents and recommending the best course of action to promptly remediate various threats.

3. Alleviating the talent gap problem

With the increasing frequency of cyber attacks, the global network security talent gap has reached a staggering 3.4 million. The lack of industry talents has greatly restricted the development of the network security industry. The capabilities of enterprise security teams will also always be limited by team size and human attention span. Security Copilot improves defenders' skills by answering basic to complex security-related questions. Security Copilot continuously learns from user interactions, adapts to enterprise preferences, and advises defenders on the best course of action to achieve more secure outcomes.

Security Copilot’s ability to continue to grow

What’s even more powerful about Security Copilot is its unlimited ability to grow, which Microsoft describes as “an ever-growing set of specific security skills.” It also integrates data and insights from other Microsoft security tools, including Sentinel, Defender, and Intune, to provide customized guidance for each organization.

Security Copilot will continuously learn and improve to help ensure security teams operate with the latest knowledge about attackers, their tactics, techniques and procedures. Its visibility into threats is powered by customer organizations' security data and Microsoft's vast threat analytics footprint.

Interestingly, when security researchers ask for the latest vulnerability information, Microsoft will also clearly indicate the source of the results. Microsoft used information from vulnerability databases from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology, and Microsoft's own threat intelligence database.

But that doesn’t mean Microsoft’s Security Copilot is always right. “We know that sometimes these models can go wrong, so we provide the ability to make sure we have feedback,” said Chang Kawaguchi, AI security architect at Microsoft. The feedback loop is much more complex than a like or dislike on Bing. "Because there are so many ways it can go wrong," Kawaguchi explains. Microsoft will let users answer what exactly went wrong to better understand any errors.

Reference source

​​https://www.microsoft.com/zh-cn/security/business/ai-machine-learning/microsoft-security-copilot?rtc=1​ ​

The above is the detailed content of Microsoft officially introduces GPT-4 into security, and industry disruption seems to be coming. For more information, please follow other related articles on the PHP Chinese website!