Microsoft has announced a significant expansion of its Security Copilot platform with new AI agents designed to autonomously handle critical cybersecurity tasks, allowing human defenders to focus on more complex threats.

The update introduces six Microsoft-built security agents and five partner-built agents that will be available for preview in April 2025.

The announcement comes as Microsoft's Threat Intelligence now processes an astounding 84 trillion signals daily, revealing exponential growth in cyberattacks including 7,000 password attacks per second and over 30 billion phishing emails detected in 2024 alone.

"The relentless pace and complexity of cyberattacks have surpassed human capacity and establishing AI agents is a necessity for modern security," said Vasu Jakkal, Corporate Vice President of Microsoft Security.

The six new Microsoft Security Copilot agents include a Phishing Triage Agent that identifies real threats versus false alarms, Alert Triage Agents for data loss prevention, a Conditional Access Optimization Agent for identity management, a Vulnerability Remediation Agent that prioritizes security patches, and a Threat Intelligence Briefing Agent that curates relevant threat data.

Five additional partner-built agents will also be available, including solutions from OneTrust, Aviatrix, BlueVoyant, Tanium, and Fletch, addressing specialized security needs from privacy breach response to network supervision.

Microsoft is also introducing new AI-powered data security investigation tools that will help organizations understand and mitigate sensitive data exposure through deep content analysis. This feature will be available for preview starting April 2025.

The announcement addresses growing concerns around AI security, with Microsoft citing a new report indicating that 57% of organizations have experienced increased security incidents from AI usage, while 60% have not yet implemented AI controls.

To help organizations secure their AI investments, Microsoft is extending its AI security posture management beyond Microsoft Azure and Amazon Web Services to include Google VertexAI and all models in the Azure AI Foundry catalog, with preview availability set for May 2025.

The company is also enhancing protections for emerging AI threats with new detections for risks identified by the Open Worldwide Application Security Project (OWASP), including indirect prompt injection attacks and sensitive data exposure.

To address the growing "shadow AI" phenomenon, where employees use unauthorized AI applications, Microsoft is making its AI web category filter generally available in Microsoft Entra internet access, allowing organizations to control which users can access different types of AI applications.

Additionally, Microsoft announced that Defender for Office 365 will expand to protect Microsoft Teams against phishing and other cyberthreats starting in April 2025, addressing the growing use of collaboration software as a target for attacks.

Alexander Stojanovic, Vice President of Microsoft Security AI Applied Research, emphasized that this is "just the beginning," promising continued innovation in security AI research to deliver greater value to customers "at the speed of AI."