SC-5006 Enhance security operations by using Microsoft Security Copilot
Explore the transformative power of AI in security with Microsoft Security Copilot. This course starts by introducing you to the fundamental concepts of generative AI. The course then delves into the cutting-edge AI functionality of Microsoft Security Copilot that empowers analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure more quickly than may otherwise be possible. Lastly, the course guides the learner through a series of simulation-based exercises that mimic real-world situations.
This course is targeted to security professionals interested in getting started with Microsoft Security Copilot, including security analysts, security admins, and SOC managers. The person taking this course is looking to familiarize themselves with the functionality of Microsoft Security Copilot in both the standalone and embedded experiences. They should have working knowledge of security operations and incident response, experience with Microsoft security products and services, and is interested in learning how Microsoft Security Copilot, an AI-powered security analysis tool, can help them process security signals and respond to threats more quickly.
- Working knowledge of security operations and incident response
- Working knowledge of Microsoft security products and services
- Define generative AI and its core principles
- Understand how language models work
- Explore transformer architectures and their role in AI advancement
- Compare different types of language models
- Learn techniques to improve prompt quality and output
- Apply responsible AI practices for ethical model use
- Get acquainted with Microsoft Security Copilot capabilities
- Review common terminology and key concepts
- Understand how Security Copilot processes prompt requests
- Identify elements of an effective prompt
- Learn how to enable Microsoft Security Copilot in your environment
- Explore the standalone experience and session features
- Understand workspaces and collaboration capabilities
- Review Microsoft and third-party plugins
- Learn about custom promptbooks and knowledge base integrations
- Explore Copilot functionality within Microsoft Defender XDR
- Learn how Copilot integrates with Microsoft Purview, Entra, Intune, and Defender for Cloud (Preview)
- Understand the role of Copilot agents in security operations
- Explore the Threat Intelligence Briefing Agent
- Review the Conditional Access Optimization Agent
- Examine the Phishing Triage Agent and its workflow
- Walk through the first-run and standalone experiences
- Explore workspace creation and customization
- Configure the Microsoft Sentinel plugin and enable custom plugins
- Manage file uploads as a knowledge base
- Create custom promptbooks for tailored investigations
- Explore Copilot capabilities within Defender XDR, Purview, and Entra