Microsoft Copilot for Security with Tanium Integration Demos - Tanium Tech Talks #87

With the recent release of Microsoft Copilot for Security, we’re thrilled to introduce the Tanium Copilot for Security app, bringing Tanium’s powerful resources into the Copilot interface. As one of the first Microsoft Security Copilot Partner Private Preview participants, we’re proud to be among the select few technology partners with plugins available on launch day for Copilot.

This integration allows users to benefit from familiar Tanium capabilities, such as using generative AI and natural language querying to quickly perform tasks and the ability to leverage real-time data to extract more value from connected solutions like Microsoft Defender for Endpoint, Azure Sentinel, threat intelligence platform, Tanium, and other vendors, all within Copilot for Security.

How Copilot for Security works

In the video, Mike walks us through several demos to illustrate how to set up Copilot, how it works, and the power of the Tanium integration. For example, in one demo he asks Copilot to describe a particular CVE to learn about a vulnerability [5:04]. He can then use the Tanium integration to find all the endpoints vulnerable to that CVE and pivot into the Tanium platform to take remediation actions since Copilot for Security is read-only at this time.

Mike also shows how easy it is to use Copilot and Tanium to create software bill of materials (SBOMs) that detail which endpoint devices have certain software installed. He describes the use case of how open-source software vulnerabilities have become a growing concern for organizations over the past few years. In this demo, he asks Copilot to use Tanium to provide a specific format to make performing investigations and drilling down into the data easier [10:40], highlighting the usability of Tanium within Copilot to ensure data accuracy.

Other notable demos outlined in the video include:

• The ability to ask open-ended questions like, “Hey, I’m pretty new to this. I don’t know exactly what I’m looking for, but gimme some advice on what I should do about it” [13:10]
• Diving deeper into ongoing processes to understand what’s happening in the environment, such as identifying whether a particular hash is malicious leveraging the combined power of the different solutions feeding data into Copilot [15:25]
• How to get Copilot for Security with Tanium up and running [20:00]

Watch the full video to learn more about other key components of Copilot and the Tanium integration, including how prompts work, setting user permissions, and what Tanium modules are needed to get started today.