After early access in October 2023, Microsoft officially launched the generative AI service Copilot for Security in April. Today the company announced that it is adding several plugins for Copilot for Security users from a variety of third-party vendors.

in a blog postMicrosoft stated:

These plugins allow you to extend the capabilities of leading security providers across the industry, from threat intelligence to incident response, data protection, and more. These plug-ins are jointly developed by Microsoft and third-party independent software vendors (ISVs) to meet you where you are, no matter what security tools you use.

Some of the new plugins add brand new features to Copilot for Security:

• CIRCL.lu – Query various files against the well-known file database of the Computer Incident Center Luxembourg (CIRCL). This can help you identify malicious or suspicious files and take appropriate actions.
• Crowdsec – Improve your network security with CrowdSec Threat Intelligence: Get detailed insights into IP reputation, advanced classifications, historical activity and behavior patterns of potential threats to stay one step ahead of cyber attackers.
• CyberArk – Gain insight into privileged accounts and provide a quick remediation framework for customers using Cyberark Privilege Cloud (PAM SaaS)
• Darktrace – Leverage threat detection and remediation insights from Darktrace’s ActiveAI Security platform.
• Jamf – Gain easy access to inventory and security insights from the devices managed by Jamf Pro
• GreyNoise Community & Enterprise – Query GreyNoise Community & Enterprise APIs to enable IP lookups, context and other critical details in the GreyNoise noise dataset. This can help you filter out benign or irrelevant IP addresses and focus on those that pose a real threat.
• RedCanary – Leverage Red Canary’s managed detection and response (MDR) platform to protect endpoints, network, cloud workloads, identities and SaaS applications from emerging threats.
• ReversingLabs – Using the Spectra Intelligence platform from ReversingLabs, get file reputation insights and analysis reports for faster inspection and response times.
• Shodan – Enable users to gain enhanced visibility into your organization’s web assets using Shodan
• URLScan – Scan and analyze a URL using urlscan.io. This can help you identify phishing, phishing, or other malicious sites and prevent them from endangering your users or your system

Other Copilot for Security plugins also revealed some new capabilities:

• Cyware response – Streamlining incident and threat response using Cyware Respond’s powerful threat response automation platform
• Netscope – Collect information about events and alerts across your Netskope infrastructure. It can help you monitor and protect your cloud applications and data from threats and risks.
• SGNL – Maintain a stable zero-privilege posture with cross-system visibility and insights. Gain insight into accurate access decisions and trends across your SGNL assets.
• Tanium – Enable tools for analysts of all skill levels to make informed decisions and confidently take decisive action using Tanium’s real-time endpoint data.
• Valence Security – Find and fix SaaS risks with SaaS security posture management and threat detection. Protect business-critical data with insights into SaaS permissions, activities, SaaS-to-SaaS integrations, and misconfiguration risks.

Copilot for Security customers can access all third-party plugins on this list by going to the “Sources” section and then installing them. Microsoft plans to add more new plugins to the service over the coming months.