{"id":25911,"date":"2025-07-25T07:30:08","date_gmt":"2025-07-25T15:30:08","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2025\/07\/25\/news-19631\/"},"modified":"2025-07-25T07:30:08","modified_gmt":"2025-07-25T15:30:08","slug":"news-19631","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2025\/07\/25\/news-19631\/","title":{"rendered":"Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra"},"content":{"rendered":"<p><strong>Credit to Author: Dorothy Li| Date: Mon, 14 Jul 2025 16:00:00 +0000<\/strong><\/p>\n<p class=\"wp-block-paragraph\">When Microsoft introduced <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/ai-machine-learning\/microsoft-security-copilot\">Microsoft Security Copilot<\/a> last year, our vision was to empower organizations with generative AI that helps security and IT teams simplify operations and respond faster. Since then, we\u2019ve continuously innovated and learned alongside our customers. They consistently tell us that practitioners love it when Copilot is built directly into the tools they use every day.<\/p>\n<p class=\"wp-block-paragraph\">That\u2019s why we\u2019re focused on delivering deeply integrated, scenario-based experiences that align with Zero Trust principles, making it easier for IT and security professionals to ask questions, take action, and gain insights directly within their existing workflows. These experiences not only reduce friction but also help IT teams stay in flow, making smarter decisions faster and with greater confidence. And the impact is real: organizations using Security Copilot have seen a <a href=\"https:\/\/cdn-dynmedia-1.microsoft.com\/is\/content\/microsoftcorp\/microsoft\/final\/en-us\/microsoft-brand\/documents\/Copilot_productivity_external_Spring2025_042125_v3_remediated.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">54% reduction in time to resolve device policy conflicts<\/a>, and a 22.8% drop in alerts per incident within three months of adoption, freeing up teams to focus on more strategic work.<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-7 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-75\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.microsoft.com\/security\/business\/ai-machine-learning\/microsoft-security-copilot\">Get started with Microsoft Security Copilot<\/a><\/div>\n<\/p><\/div>\n<p class=\"wp-block-paragraph\">We\u2019re excited to announce <strong>the Security Copilot capabilities in <a href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-intune\">Microsoft Intune<\/a> and <a href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-entra\">Microsoft Entra<\/a> have moved from preview to general availability<\/strong>. This milestone reflects the critical role Intune and Entra play in modern security strategies, serving as the foundation for implementing a Zero Trust model. Intune enforces device compliance, app protection, and endpoint privilege management, while Entra governs identity access with Conditional Access policies and granular authentication controls. Together, they create a unified security posture that aligns with <a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\">Zero Trust principles<\/a> across devices, users, applications, and even agents. Security Copilot amplifies this foundation by providing AI-assisted guidance, autonomous agents, and insights accessible through natural language, helping IT teams scale operations, accelerate skilling, and proactively remediate threats at machine speed.<\/p>\n<h2 class=\"wp-block-heading\" id=\"reimagining-it-workflows-with-security-copilot-in-intune\">Reimagining IT workflows with Security Copilot in Intune<\/h2>\n<p class=\"wp-block-paragraph\">IT administrators often face a daily flood of data, alerts, and configuration details, making it difficult to quickly find the right information and act with confidence. AI is changing how people work, and Copilot in Intune is evolving how IT admins interact with and act on their endpoint management data. The Security Copilot in Intune general availability release introduces a brand new, Copilot-assisted data exploration capability. IT admins now have <a href=\"https:\/\/aka.ms\/Intune\/CopilotJuly2025\">a dedicated page<\/a> in the Intune admin center to ask Copilot for the data they need, take action, and complete endpoint management tasks, all without leaving their workflow. This capability allows admins to extract insights across Intune domains\u2014devices, apps, security policies, users, compliance data, app configurations, and more\u2014and act on it using its deep integration into the Intune functionality they are familiar with. It represents the first step in a foundational shift from traditional reporting and queries to Copilot-powered investigation and IT-empowered action.<\/p>\n<p class=\"wp-block-paragraph\">This new Security Copilot capability is designed to simplify the most time-consuming IT workflows, like assessing security posture, managing updates, troubleshooting issues, and generating custom reports. Whether it\u2019s identifying non-compliant devices, tracking patch failures, previewing policy impact, or automating remediation, Copilot brings together the data and actions IT needs in one place.<\/p>\n<p class=\"wp-block-paragraph\">Admins can ask natural language questions like, \u201cShow me devices that are not on the latest version of Windows and Office,\u201d or \u201cWhich of my Endpoint Privilege Management rules are in conflict and what are the source profiles?\u201d and take action instantly, without switching context.<\/p>\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;68839a9225368&quot;}\" data-wp-interactive=\"core\/image\" class=\"wp-block-image size-large wp-lightbox-container\"><img decoding=\"async\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-1024x527.webp\" alt=\"A screenshot of the Intune admin center with a new left navigation option to explore Intune data.  Options for administrators to data across multiple workload categories such as Device compliance, apps, devices, app configuration and protection. \" class=\"wp-image-141150 webp-format\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-1024x527.webp 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-300x154.webp 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-768x395.webp 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-1536x790.webp 1536w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1.webp 1676w\" data-orig-src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/07\/Picture1-1-1024x527.webp\"><button \t\t\tclass=\"lightbox-trigger\" \t\t\ttype=\"button\" \t\t\taria-haspopup=\"dialog\" \t\t\taria-label=\"Enlarge image: A screenshot of the Intune admin center with a new left navigation option to explore Intune data.  Options for administrators to data across multiple workload categories such as Device compliance, apps, devices, app configuration and protection. \" \t\t\tdata-wp-init=\"callbacks.initTriggerButton\" \t\t\tdata-wp-on-async--click=\"actions.showLightbox\" \t\t\tdata-wp-style--right=\"state.imageButtonRight\" \t\t\tdata-wp-style--top=\"state.imageButtonTop\" \t\t> \t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\"> \t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/> \t\t\t<\/svg> \t\t<\/button><\/figure>\n<p class=\"wp-block-paragraph\"><em>Figure 1. New experience to explore your Intune data <em>with Copilot assistance<\/em><\/em> <em>across workloads.<\/em><\/p>\n<p class=\"wp-block-paragraph\">The new Explorer experience also includes support for Windows 365 Cloud PCs, giving IT administrators a consistent way to view and act on device details across both cloud and physical endpoints. We are excited to share that <strong>in the coming weeks, we\u2019ll introduce additional AI capabilities in Intune with Copilot assistance for Windows 365<\/strong>, offering insights into Cloud PC connectivity and connection quality, licensing optimization, and performance issues tied to compute resources. These capabilities build on the momentum of virtual computing and the ability to stream Windows from the Cloud, enhancing the IT experience and delivering even more endpoint management value\u2014especially for Windows-based environments.<\/p>\n<p class=\"wp-block-paragraph\">The general availability release of Security Copilot in Intune also provides chat-based contextual assistance and includes integration with core and Microsoft Intune Suite solutions. Intune Advanced Analytics multiple device query (MDQ), and Copilot help admins write detailed Kusto Query Language (KQL) queries and Endpoint Privilege Management with Copilot assesses app risks for admins to make informed decisions before approving Windows users\u2019 elevation requests. And with the <a href=\"https:\/\/aka.ms\/CopilotSurfaceMgmtPortalBlog\" target=\"_blank\" rel=\"noreferrer noopener\">Surface Management Portal<\/a> in Intune, Copilot provides unified visibility and controls for IT across Surface devices, further strengthening security posture and streamlining operations.<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-8 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-100\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-intune\">Microsoft Intune: Empower IT. Protect endpoints. Optimize with AI.<\/a><\/div>\n<\/p><\/div>\n<p class=\"wp-block-paragraph\">Just as Security Copilot is transforming endpoint management in Intune, it\u2019s also reshaping how identity is managed in Microsoft Entra.<\/p>\n<h2 class=\"wp-block-heading\" id=\"security-copilot-in-entra-brings-clarity-and-speed-to-identity-security\">Security Copilot in Entra brings clarity and speed to identity security<\/h2>\n<p class=\"wp-block-paragraph\">Identity environments evolve daily\u2014new user, apps, and permissions are constantly introduced, making it difficult for IT and identity admins to keep policies up to date and user access properly governed. Manual investigations done the traditional way can be very time-consuming and reactive, giving cyberattackers more time to exploit gaps. With more than 600 million identity-based attacks happening daily, organizations can\u2019t afford slow, manual investigations or infrequent policy reviews.<sup>1<\/sup><\/p>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/aka.ms\/EntraCopilotGANews2025\">Security Copilot in Microsoft Entra, now generally available<\/a>, brings AI-assisted reasoning, natural language prompts, and real-time insights across your identity and access estate, all within the Microsoft Entra admin center. We\u2019ve made major enhancements to improve performance, scalability, and accuracy, enabling Security Copilot to better understand user intent, handle more complex questions, and deliver clearer answers.<\/p>\n<p class=\"wp-block-paragraph\">&nbsp;We\u2019ve also expanded coverage to support a broader set of real-world identity scenarios. Copilot in Entra now helps admins investigate users, troubleshoot sign-ins, manage access reviews and entitlements, monitor tenant health and service-level agreement (SLAs), optimize license usage, and analyze role assignments and recommendations\u2014all grounded in Microsoft Graph data.<\/p>\n<p class=\"wp-block-paragraph\">Admins can now ask natural language questions like, \u201cWhich enterprise applications have credentials about to expire?\u201d and \u201cWhat role does the user have?\u201d to quickly surface insights and take action. Whether it\u2019s reviewing access packages, identifying risky apps, or checking license availability, Security Copilot in Entra helps teams move faster, stay ahead of cyberthreats, and focus on what matters most.<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-9 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-100\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-entra\">Microsoft Entra: Comprehensive identity and network access solutions<\/a><\/div>\n<\/p><\/div>\n<h2 class=\"wp-block-heading\" id=\"purpose-built-agents-for-real-world-it-challenges\">Purpose-built agents for real-world IT challenges<\/h2>\n<p class=\"wp-block-paragraph\">At Microsoft Secure 2025, as part of our vision to deliver an <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/03\/24\/microsoft-unveils-microsoft-security-copilot-agents-and-new-protections-for-ai\/\">AI-first, end-to-end security platform<\/a>, Microsoft announced <a href=\"https:\/\/techcommunity.microsoft.com\/blog\/SecurityCopilotBlog\/automate-cybersecurity-at-scale-with-microsoft-security-copilot-agents\/4394675\/\" target=\"_blank\" rel=\"noreferrer noopener\">11 AI-powered Security Copilot agents<\/a> that are seamlessly integrated with Microsoft Security and partner solutions. These agents autonomously handle high-volume, high-value tasks, learn from feedback, adapt to workflows, and operate securely, reflecting our commitment to helping organizations achieve what was previously impossible\u2014at machine speed.<\/p>\n<p class=\"wp-block-paragraph\">Today marks a meaningful milestone in our journey toward an AI-first, end-to-end security platform: we\u2019re announcing the general availability of the Conditional Access Optimization Agent in Microsoft Entra. This launch brings AI-powered automation to IT and security operations, helping teams bring proactive protection directly into identity workflows.<\/p>\n<p class=\"wp-block-paragraph\">The Conditional Access Optimization Agent runs autonomously, scanning your environment for gaps, overlaps, and outdated policy assignments. It then recommends precise, one-click remediations to help close the gaps fast, turning reactive cleanup into proactive defense.<\/p>\n<p class=\"wp-block-paragraph\">The Conditional Access Optimization Agent provides:<\/p>\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Autonomous protection, every day<\/strong>\u2014Automatically detects newly created users or apps not covered by Conditional Access policies, reducing risk between manual audits.<\/li>\n<li class=\"wp-block-list-item\"><strong>Real-time, explainable decisions<\/strong>\u2014Every recommendation includes a plain-language summary and visual activity map showing how the agent reached its conclusion.<\/li>\n<li class=\"wp-block-list-item\"><strong>Continuous adaptability to your organization\u2019s needs<\/strong>\u2014Support for custom business rules, the agent can learn based on your natural-language feedback (for example, excluding break-glass accounts).<\/li>\n<li class=\"wp-block-list-item\"><strong>Full auditability<\/strong>\u2014Agent actions like install, enable and disable, and recommendations are recorded in the audit log for compliance and operational transparency.<\/li>\n<\/ul>\n<p class=\"wp-block-paragraph\">With the Conditional Access Optimization Agent, policy coverage becomes continuous. You gain daily protection, policy clarity, and built-in expertise without the manual lift. As one security leader put it:<\/p>\n<blockquote class=\"wp-block-quote has-quote-default-font-size is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"has-body-large-font-size wp-block-paragraph\"><em>\u201cThe Conditional Access Optimization Agent is like having a security analyst on call 24\/7. It proactively identifies gaps in our Conditional Access policies and ensures every user is protected from day one, and with report-only mode and AI-driven recommendations, we can test and refine access policies without disruption. It\u2019s a secure path to innovation that every chief information security officer can trust.&#8221;<\/em> <\/p>\n<p class=\"has-body-large-font-size wp-block-paragraph\">\u2014Julian Rasmussen, Senior consultant and Partner, Point Taken, Microsoft MVP<\/p>\n<\/blockquote>\n<h2 class=\"wp-block-heading\" id=\"step-into-the-future-of-it-with-security-copilot\">Step into the future of IT with Security Copilot<\/h2>\n<p class=\"wp-block-paragraph\">We\u2019re in a new era of AI that has implications for IT operations and security. Now with <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/ai-machine-learning\/microsoft-security-copilot\">Microsoft Security Copilot<\/a> in Intune and Entra, you can make your organization future-ready with AI solutions that help organizations transform IT and security at machine speed.<\/p>\n<p class=\"wp-block-paragraph\">As part of our ongoing commitment to enhancing the embedded experience of Security Copilot across Microsoft Security products, we\u2019re excited to introduce a new <a href=\"https:\/\/securitycopilot.microsoft.com\/calculator\" target=\"_blank\" rel=\"noreferrer noopener\">in-portal capacity calculator<\/a> available in the Security Copilot standalone experience (Azure account required). This tool allows organizations to estimate the number of Security Compute Units (SCUs) they may need based on the number of Security Copilot users in each Microsoft Security product. Users can generate a quick estimate, providing a practical starting point for capacity planning. SCU allocations can be adjusted at any time as real-world usage patterns emerge. <a href=\"https:\/\/aka.ms\/scp-mws\" target=\"_blank\" rel=\"noreferrer noopener\">Learn more<\/a>.<\/p>\n<p class=\"wp-block-paragraph\">Explore more use cases for IT and identity admins in the Security Copilot <a href=\"https:\/\/adoption.microsoft.com\/security-copilot\/\" target=\"_blank\" rel=\"noreferrer noopener\">adoption hub<\/a>. Explore Copilot in Intune and Entra and take these steps to learn more:<\/p>\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/copilot\/security\/get-started-security-copilot\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Get started<\/strong> with Microsoft Security Copilot<\/a>.<\/li>\n<li class=\"wp-block-list-item\"><strong>Learn more<\/strong> about how to apply <a href=\"https:\/\/adoption.microsoft.com\/microsoft-security\/intune\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Intune<\/a> and <a href=\"https:\/\/adoption.microsoft.com\/en-us\/microsoft-security\/entra\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Entra<\/a> to your program.<\/li>\n<li class=\"wp-block-list-item\"><strong>Connect with your Microsoft representative<\/strong> to schedule a demo or get more information.<\/li>\n<\/ul>\n<p class=\"wp-block-paragraph\">To learn more about Microsoft Security solutions, visit our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\">website.<\/a> Bookmark the <a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\">Microsoft Security<\/a>) and X (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\">@MSFTSecurity<\/a>) for the latest news and updates on cybersecurity.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<p class=\"wp-block-paragraph\"><sup>1<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/security-insider\/intelligence-reports\/microsoft-digital-defense-report-2024?msockid=27b7b3bc5be566bc06c9a5a05a7a679d\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Digital Defense Report 2024<\/a>.<\/p>\n<p class=\"wp-block-paragraph\"><em>The data, insights, and events in this report represent July 2023 through June 2024 (Microsoft fiscal year 2024), unless otherwise noted.<\/em><\/p>\n<p>The post <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/14\/improving-it-efficiency-with-microsoft-security-copilot-in-microsoft-intune-and-microsoft-entra\/\">Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra<\/a> appeared first on <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/14\/improving-it-efficiency-with-microsoft-security-copilot-in-microsoft-intune-and-microsoft-entra\/\" target=\"bwo\" >https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Dorothy Li| Date: Mon, 14 Jul 2025 16:00:00 +0000<\/strong><\/p>\n<p>Announcing the general availability of Microsoft Security Copilot capabilities for IT with Microsoft Intune and Microsoft Entra, offering AI-powered efficiency and enhanced security for your operations.<\/p>\n<p>The post <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/14\/improving-it-efficiency-with-microsoft-security-copilot-in-microsoft-intune-and-microsoft-entra\/\">Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra<\/a> appeared first on <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[],"class_list":["post-25911","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=25911"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25911\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=25911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=25911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=25911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}