Tech Field Day

The Independent IT Influencer Event

  • Home
    • The Futurum Group
    • FAQ
    • Staff
  • Sponsors
    • Sponsor List
      • 2025 Sponsors
      • 2024 Sponsors
      • 2023 Sponsors
      • 2022 Sponsors
    • Sponsor Tech Field Day
    • Best of Tech Field Day
    • Results and Metrics
    • Preparing Your Presentation
      • Complete Presentation Guide
      • A Classic Tech Field Day Agenda
      • Field Day Room Setup
      • Presenting to Engineers
  • Delegates
    • Delegate List
      • 2025 Delegates
      • 2024 Delegates
      • 2023 Delegates
      • 2022 Delegates
      • 2021 Delegates
      • 2020 Delegates
      • 2019 Delegates
      • 2018 Delegates
    • Become a Field Day Delegate
    • What Delegates Should Know
  • Events
    • All Events
      • Upcoming
      • Past
    • Field Day
    • Field Day Extra
    • Field Day Exclusive
    • Field Day Experience
    • Field Day Live
    • Field Day Showcase
  • Topics
    • Tech Field Day
    • Cloud Field Day
    • Mobility Field Day
    • Networking Field Day
    • Security Field Day
    • Storage Field Day
  • News
    • Coverage
    • Event News
    • Podcast
  • When autocomplete results are available use up and down arrows to review and enter to go to the desired page. Touch device users, explore by touch or with swipe gestures.
You are here: Home / Videos / Microsoft Security Introducing Security Copilot Agents

Microsoft Security Introducing Security Copilot Agents



Security Field Day 13


This video is part of the appearance, “Microsoft Security Presents at Security Field Day 13“. It was recorded as part of Security Field Day 13 at 13:00-14:30 on May 28, 2025.


Watch on YouTube
Watch on Vimeo

This session explores the evolution and capabilities of Microsoft Security Copilot, focusing on how it’s transforming security operations. Microsoft Security Copilot has evolved to incorporate AI agents, offering a fundamentally different approach to security tasks compared to traditional automation. These agents dynamically plan, reason, and execute tasks, adapting their approach as new information emerges, much like human analysts. This capability has already shown significant benefits, with security teams using Security Copilot reporting incident response times that are approximately 30% faster. The platform is designed to be an ecosystem, with 13 active agents, including six developed by Microsoft and seven by partners, demonstrating a commitment to partner integration and extending AI capabilities across the Microsoft Security Suite.

One notable Microsoft-developed agent is the phishing triage agent, designed to address the overwhelming volume of user-reported phishing incidents. This agent autonomously triages these submissions, analyzing email content, threat intelligence data, and links to determine if an email is genuinely malicious or benign. This frees up human analysts from mundane tasks, allowing them to focus on true threats. The agent learns from human feedback, enabling it to adapt to specific business contexts and improve its accuracy over time. This active learning mechanism, where administrators can provide feedback to the agent, ensures that the AI’s reasoning process is continuously refined, addressing scenarios where the AI might initially misclassify an email due to a lack of organizational-specific knowledge.

Beyond phishing triage, Microsoft Security Copilot includes agents for data loss prevention and insider risk management, which leverage generative AI to classify documents and assist privacy analysts in reviewing alerts. The Conditional Access Agent helps organizations maintain up-to-date security policies by constantly reviewing and suggesting adjustments to conditional access policies, significantly reducing the risk window caused by policy drift. The vulnerability intelligence agent automates the process of reading vulnerability reports, assessing device estates (specifically Windows endpoints), and recommending patching groups in Intune. Lastly, the threat intelligence briefing agent provides organizations with customized reports on cyber threats and vulnerabilities relevant to their specific profile, empowering analysts and organizations that may lack dedicated threat intelligence teams. These agents are designed to integrate seamlessly into existing workflows, enhancing efficiency and enabling security teams to focus on higher-value activities.

Personnel: Nick Goodman


  • Bluesky
  • LinkedIn
  • Mastodon
  • RSS
  • Twitter
  • YouTube

Event Calendar

  • Jul 9-Jul 10 — Networking Field Day 38
  • Aug 19-Aug 20 — Tech Field Day Extra at SHARE Cleveland 2025
  • Sep 10-Sep 11 — AI Infrastructure Field Day 3
  • Sep 24-Sep 25 — Security Field Day 14
  • Oct 22-Oct 23 — Cloud Field Day 24
  • Oct 29-Oct 30 — AI Field Day 7

Latest Coverage

  • Backups That Belong in the Cloud—But Not Too Close
  • Using a network diagram to configure the network – Another example of GenAI being used by networking vendors
  • Breaking Free from Hardcoded Security: Microsoft Introduces Human-in-the-Loop AI Agents
  • QlikConnect 25 – Keynote Updates – 05/14/2025
  • Uncompromising Network Visibility: How cPacket Augments Security with Advanced Telemetry and AI

Tech Field Day News

  • Have A Classy Time with Tech Field Day Extra at Cisco Live US 2025
  • Exploring Cloud Resilience, AI, and Data at Cloud Field Day 23

Return to top of page

Copyright © 2025 · Genesis Framework · WordPress · Log in