Microsoft is unveiling a new set of security tools and features aimed at both securing AI agents and systems and using AI to inform and automate security intelligence and threat detection. 

The foundation of the new offerings is MIcrosoft Sentinel, the company’s security platform, that now includes the availability of the massive Sentinel data lake and gives organizations the ability to build their own AI agents through Sentinel Copilot. 

What’s New

  • General availability of the Sentinel data lake, which is built on the trillions of data signals Sentinel ingests every day. 
  • Launch of the Microsoft Security Store, a collection of prebuilt and custom agents
  • Preview of the Sentinel Model Context Protocol server and the Sentinel graph.
  • Ability to build low-code or no-code AI agents through the Sentinel MCP server-enabled code platform

All of the enhancements and additions are designed to give organizations more agility and flexibility to address security issues quickly and efficiently. Sentinel began life as a SIEM platform and it still serves that purpose, but the changes and upgrades are meant to bring it into the AI age.

“The goal is to transform it from a SIEM to an AI-ready platform and integrate the data lake and graph and MCP server,” said Scott Woodgate, general manager, threat protection at Microsoft.

A big part of the change is the ability for customers to build custom AI agents in Copilot-enabled platforms such as VS Code. Those agents can then be integrated into existing apps and platforms. Customers who build new custom agents can contribute the agents to the Microsoft Security Store if they choose.

“Collaboration is vital in security and we know that it takes effort from all of us,” Woodgate said. 

  • Recent Posts

  • Recent Comments

    No comments to show.