🚀🚀 Microsoft Security Copilot Agent -Weekly Microsoft Security Update -April 23, 2026 🚀🚀

00:00-Introduction 00:33-Security Copilot’s Security Analyst agent Public Preview. 03:05-Microsoft Security copilot Threat Intelligence Briefing Agent 05:22-Microsoft Security copilot: Triage Agent in Insider Risk Management 07:31-Microsoft Security copilot: Triage Agent in Data Loss Prevention 09:19-Thank You 1) Microsoft Security Copilot’s Security Analyst agent Public Preview : The Security Analyst Agent in Security Copilot helps security analysts quickly identify, assess, and prioritize risks. The agent performs deep, multi-step investigations across Microsoft Defender and Microsoft Sentinel telemetry to surface high-impact risks and deliver prioritized insights Reference a. https://learn.microsoft.com/en-us/copilot/security/security-analyst-agent 2) Microsoft Security copilot Threat Intelligence Briefing Agent Threat intelligence is about taking raw security data and turning it into clear insights so organizations can act before threats cause damage Reference a. https://learn.microsoft.com/en-us/copilot/security/threat-intel-briefing-agent 3) Microsoft Security copilot: Triage Agent in Insider Risk Management The Triage Agent in Insider Risk Management helps security teams automatically evaluate and prioritize alerts based on user behavior, activity risk, and data sensitivity. It groups alerts into categories like high risk, low risk, and uncategorized to help teams focus on the most critical issues first. The agent saves time by filtering and organizing alerts, but some alerts may still require manual analysis Reference a. https://learn.microsoft.com/en-us/purview/copilot-in-purview-agents?bc=%2fsecurity-copilot%2fbreadcrumb%2ftoc.json&toc=%2fsecurity-copilot%2ftoc.json#triage-agent-in-insider-risk-management 4) Microsoft Security copilot: Triage Agent in Data Loss Prevention The DLP Alert Triage Agent helps security teams quickly evaluate alerts by looking at data sensitivity, data sharing risk, and policy violations. It automatically groups alerts into four categories so teams can focus on the most important risks first. This reduces manual effort and helps prioritize real threats. For device-based alerts, evidence collection must be enabled to analyze file activity properly Reference a. https://learn.microsoft.com/en-us/purview/copilot-in-purview-agents?bc=%2fsecurity-copilot%2fbreadcrumb%2ftoc.json&toc=%2fsecurity-copilot%2ftoc.json#alert-triage-agent-in-data-loss-prevention-preview #MicrosoftSecurity #MicrosoftSentinel #MicrosoftCopilot #AgenticAI #SecurityOperations #EntraID #SIEM #AIinSecurity #Security