Microsoft is continuing its push toward AI-driven security with the rollout of new agentic agents in Microsoft Security Copilot. These additions are designed to significantly reduce the manual workload associated with triaging security logs, alerts, and remediation tasks—bringing more automation and intelligence to security operations.
What’s New?
Six new agentic agents are being introduced for Microsoft’s own security tools, alongside several for third-party integrations. These agents go beyond just providing answers—they can take action or deliver actionable recommendations directly to analysts.
The new Microsoft agents include:
-
Phishing Triage Agent
-
Alert Triage Agent
-
Conditional Access Optimization Agent
-
Vulnerability Remediation Agent for Intune
-
Threat Intelligence Briefing Agent
Additionally, Microsoft is bringing data security investigations and analysis into Microsoft Purview, further solidifying its position in the AI-powered security landscape.
You can read Microsoft’s full announcement here.
Why This Matters
-
Less Manual Work, More Automation:
Security Copilot has always been a powerful tool for security analysts, but these new agents bring a deeper level of automation. They’re not just answering questions—they’re helping to triage incidents and initiate remediation actions, freeing up human analysts to focus on higher-value tasks. -
Open Ecosystem for Third-Party Tools:
Microsoft recognizes that not every organization uses Defender or Entra exclusively. That’s why Security Copilot is being built with an open framework that allows third-party security vendors to integrate their data and develop their own agentic agents. Expect this to become a significant area of growth and collaboration across the security industry. -
Purview Becomes Central to AI Security Strategies:
With expanded investigation capabilities coming to Microsoft Purview, it’s becoming a critical hub for data governance and security. Any organization using Microsoft 365 or Azure will likely find Purview increasingly important in shaping their AI and compliance strategies.
Takeaway:
Microsoft is betting big on AI to reshape how security teams work—and the introduction of these new agentic agents is a major step toward truly autonomous security operations. Whether you’re all-in on Microsoft or using a hybrid security stack, this evolution in Security Copilot is one to watch closely.
