Learn about Microsoft Security Copilot, an AI-powered security analysis tool that enables analysts to process security signals and respond to threats at a machine speed, and the AI concepts upon which it's built.

Prerequisites

• Working knowledge of security operations and incident response
• Working knowledge of Microsoft security products and services

Modules in this learning path

Fundamentals of Generative AI

In this module, you explore the way in which language models enable AI applications and services to generate original content based on natural language input. You also learn how generative AI enables the creation of agents that can assist humans in creative tasks.

• Introduction
• What is generative AI?
• What are language models?
• Using language models
• Understand agents
• Understand Microsoft Copilot
• Considerations for prompts
• Extending and developing copilot-like agents
• Exercise - Explore Microsoft Copilot
• Knowledge check
• Summary

Describe Microsoft Security Copilot

Get acquainted with Microsoft Security Copilot. You are introduced to some basic terminology, how Microsoft Security Copilot processes prompts, the elements of an effective prompt, and how to enable the solution.

• Introduction
• Get acquainted with Microsoft Security Copilot
• Describe Microsoft Security Copilot terminology
• Describe how Microsoft Security Copilot processes prompt requests
• Describe the elements of an effective prompt
• Describe how to enable Microsoft Security Copilot
• Knowledge check
• Summary and resources

Describe the core features of Microsoft Security Copilot

Microsoft Security Copilot has a rich set of features. Learn about available plugins, promptbooks, the ways you can export and share information from Copilot, and much more.

• Introduction
• Describe the features available in the standalone experience of Microsoft Security Copilot
• Describe the features available in a session of the standalone experience
• Describe the Microsoft plugins available in Microsoft Security Copilot
• Describe the non-Microsoft plugins supported by Microsoft Security Copilot
• Describe custom promptbooks
• Describe knowledge base connections
• Knowledge check
• Summary and resources

Describe the embedded experiences of Microsoft Security Copilot

Microsoft Security Copilot is accessible directly from some Microsoft security products. This is referred to as the embedded experience. Learn about the scenarios supported by the Copilot embedded experience in Microsoft’s security solutions.

• Introduction
• Describe Copilot in Microsoft Defender XDR
• Copilot in Microsoft Purview
• Copilot in Microsoft Entra
• Copilot in Microsoft Intune
• Copilot in Microsoft Defender for Cloud (Preview)
• Knowledge check
• Summary and resources

Explore use cases of Microsoft Security Copilot

Explore use cases of Microsoft Security Copilot in the standalone and embedded experiences, through lab-like exercises.

• Introduction
• Explore the first run experience
• Explore the standalone experience
• Configure the Microsoft Sentinel plugin
• Enable a custom plugin
• Explore file uploads as a knowledge base
• Create a custom promptbook
• Explore the capabilities of Copilot in Microsoft Defender XDR
• Explore the capabilities of Copilot in Microsoft Purview
• Knowledge check
• Summary and resources