Microsoft announce some important updates to M365 Copilot Chat that will enhance security and user experience, following:

Integration with SafeLinks:
- M365 Copilot Chat will integrate with SafeLinks in Defender for Office 365 to provide time-of-click URL protection for the hyperlinks included in its chat responses.
- This change applies to users with Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. No policy configuration is needed within the SafeLinks policy.
- Within Microsoft Defender for Office 365 Security Center, URL protection report will show the relevant summary and trend views for threats detected and actions taken on URL clicks.
Native Time-of-Click URL Reputation Check:
- For users without SafeLinks protection (which is available as part of Microsoft Defender for Office 365), M365 Copilot Chat will natively enable time-of-click URL reputation check for the hyperlinks returned in its chat responses.
Hyperlink Redaction Changes:
- M365 Copilot Chat will no longer redact hyperlinks in its chat responses if they are found in the grounding data used to generate the responses.

When this will happen:

General Availability (Worldwide): We will begin rolling out in late March 2025 and expect to complete by late May 2025.

Rollout will start on desktop and web and will complete with mobile versions. We plan to extend these updates to Copilot Chat experiences in Office apps in the future.

How this will affect your organization:

These updates are designed to enhance the security of the links included in M365 Copilot Chat response, ensuring that users are protected from malicious URLs.

What you need to do to prepare:

You may consider updating your training and documentation as appropriate to ensure users are aware of the change in behavior with hyperlinks in M365 Copilot Chat.

Microsoft Defender for Cloud integrates both Microsoft Copilot for Security and Microsoft Copilot for Azure into its experience. With these integrations, you can ask security-related questions, receive responses, and automatically trigger the necessary skills needed to analyze, summarize, remediate, and delegate recommendations using natural language prompts.

Both Copilot for Security and Copilot for Azure are cloud-based AI platforms that provide a natural language copilot experience. They assist security professionals in understanding the context and effect of recommendations, remediating or delegating tasks, and addressing misconfiguration in code.

How Copilot works in Defender for Cloud

Defender for Cloud integrates Copilot directly in to the Defender for Cloud experience. This integration allows you to analyze, summarize, remediate, and delegate your recommendations with natural language prompts.

When you open Copilot, you can use natural language prompts to ask questions about the recommendations. Copilot provides you with a response in natural language that helps you understand the context of the recommendation. It also explains the effect of implementing the recommendation and provides steps to take for implementation.

Some sample prompts include:

Show critical risks for publicly exposed resources
Show critical risks to sensitive data
Show resources with high severity vulnerabilities

Copilot can assist with refining recommendations, providing summaries, remediation steps, and delegation. It enhances your ability to analyze and act on recommendations.