The provided input is a detailed step-by-step guide on using the custom Copilot for Security pack for Microsoft Data Security. This walkthrough empowers organizations to understand cyber security risks in a context that enhances their capabilities. The guide includes prerequisites such as licensing requirements for Microsoft Purview Information Protection and setting up Azure AI Search to ingest policy documents. The step-by-step process involves adding a custom plugin by downloading the DataSecurityAnalyst.yml file, uploading the plugin, and utilizing various prompts like DLP and Sensitive content detection.
The custom package offers functionalities like anomalies detection, monitoring access to sensitive information, identifying compromised accounts, tracking document access, analyzing CVE exposure, tuning Exchange DLP policies, assessing unlabelled operations in Purview, monitoring applications accessing sensitive content, and checking internet-accessible hosts processing sensitive data. The guide also introduces prompt books as a resource for security-related tasks, providing standardized incident response procedures.
The article showcases sample prompt books for Exchange incidents and SharePoint incidents, emphasizing the importance of following standard operating procedures for incident management. It also mentions ongoing work on Defender integration for detailed incident reporting. The guide concludes by listing related posts in the series, offering further insights into cyber security practices and tools.
This comprehensive guide equips organizations with the knowledge and tools needed to enhance their cyber security posture and effectively manage potential risks. By following the outlined steps and leveraging the capabilities of Copilot for Security, organizations can proactively address security challenges and protect their sensitive information effectively.
