Security Copilot now available for Microsoft Intune and Entra

By on
Security Copilot now available for Microsoft Intune and Entra

Security Copilot capabilities are now available in cloud-based unified endpoint management platform Microsoft Intune and cloud-based identity and access management solution Microsoft Entra.

Intune enforces device compliance, app protection, and endpoint privilege management, while Entra governs identity access with Conditional Access policies and granular authentication controls.

Security Copilot's integration with these will provide AI-assisted guidance, autonomous agents, and insights accessible through natural language, intending to help IT teams scale operations, accelerate skilling and proactively remediate threats.

Microsoft reported that since it was launched last year, organisations using Security Copilot have seen a 54% reduction in time to resolve device policy conflicts, as well as a 22.8% drop in alerts per incident within three months of adoption, freeing up teams to focus on more strategic work.

Data exploration capability

The Security Copilot in Intune release introduces a new, Copilot-assisted data exploration capability.

IT admins now have a dedicated page in the Intune admin center to ask Copilot for the data they need, take action and complete endpoint management tasks, all without leaving their workflow.

This capability allows admins to extract insights across Intune domains - devices, apps, security policies, users, compliance data, app configurations, and more - and act on it using Copilot's integration into the Intune functionality.

This new Security Copilot capability is designed to simplify the most time-consuming IT workflows, like assessing security posture, managing updates, troubleshooting issues, and generating custom reports. 

The new Explorer experience also includes support for Windows 365 Cloud PCs, giving IT administrators a way to view and act on device details across both cloud and physical endpoints.

Microsoft has said that in the coming weeks, it will also introduce additional AI capabilities in Intune with Copilot assistance for Windows 365, offering insights into Cloud PC connectivity and connection quality, licensing optimisation, and performance issues tied to compute resources.

The company said these capabilities build on the momentum of virtual computing and the ability to stream Windows from the Cloud.

The general availability release of Security Copilot in Intune also provides chat-based contextual assistance and includes integration with core and Microsoft Intune Suite solutions.

Intune Advanced Analytics multiple device query (MDQ) and Copilot help admins write detailed Kusto Query Language (KQL) queries and Endpoint Privilege Management with Copilot assesses app risks for admins to make informed decisions before approving Windows users’ elevation requests.

With the Surface Management Portal in Intune, Copilot provides unified visibility and controls for IT across Surface devices, further strengthening security posture and streamlining operations.

'Major enhancements' to performance, scalability and accuracy

Security Copilot in Microsoft Entra brings AI-assisted reasoning, natural language prompts, and real-time insights across identity and access estates, all within the Microsoft Entra admin center. 

Microsoft said that it had made "major enhancements" to improve performance, scalability, and accuracy, enabling Security Copilot to better understand user intent, handle more complex questions and deliver clearer answers.

Copilot in Entra now also helps admins investigate users, troubleshoot sign-ins, manage access reviews and entitlements, monitor tenant health and service-level agreement (SLAs), optimise license usage and analyse role assignments and recommendations - all grounded in Microsoft Graph data.

Conditional Access Optimisation Agent now available

Alongside the Intune and Entra integrations, Microsoft also announced the general availability of the Conditional Access Optimisation Agent in Microsoft Entra.

This brings AI-powered automation to IT and security operations, intending to help teams bring proactive protection directly into identity workflows.

The Conditional Access Optimisation Agent runs autonomously, scanning environments for gaps, overlaps, and outdated policy assignments. It then recommends precise, one-click remediations to help close the gaps.

Every recommendation includes a plain-language summary and visual activity map showing how the agent reached its conclusion.

The Conditional Access Optimisation Agent automatically detects newly created users or apps not covered by Conditional Access policies, reducing risk between manual audits.

Agent actions like install, enable and disable, and recommendations are also recorded in the audit log for compliance and operational transparency.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © nextmedia Pty Ltd. All rights reserved.
Tags:
conditional access optimisation agent microsoft microsoft entra microsoft intune security security copilot

Partner Content

Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers

Sponsored Whitepapers

F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Easing the burden of Microsoft CSP management
Easing the burden of Microsoft CSP management
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan

Events

techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025
techpartner.news Benchmark Security Awards 2025
techpartner.news Benchmark Security Awards 2025

Most read articles

NEXTGEN "realigns" structure, announces senior promotions, plans vendor consolidation

NEXTGEN "realigns" structure, announces senior promotions, plans vendor consolidation
Ingram Micro "grateful" for customers' support during cybersecurity incident

Ingram Micro "grateful" for customers' support during cybersecurity incident
The Aussie startup building an integration platform for MSPs and SIs

The Aussie startup building an integration platform for MSPs and SIs
Macquarie Technology Group secures option to buy Sydney land for data centre campus

Macquarie Technology Group secures option to buy Sydney land for data centre campus

Log in

Email:
Password:
  |  Forgot your password?