Skip to content

Commit c6aad47

Browse files
add related and update title
1 parent c6d2864 commit c6aad47

File tree

1 file changed

+14
-4
lines changed

1 file changed

+14
-4
lines changed

articles/sentinel/sentinel-security-copilot.md

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ appliesto:
1616
ms.date: 06/26/2024
1717
---
1818

19-
# Access your Microsoft Sentinel data in Copilot for Security
19+
# Investigate Microsoft Sentinel incidents in Copilot for Security
2020

2121
Microsoft Copilot for Security is a platform that helps you defend your organization at machine speed and scale. Microsoft Sentinel provides a plugin for Copilot to help analyze incidents and generate hunting queries.
2222

@@ -26,6 +26,10 @@ Together with the iterative processing of other sophisticated Copilot for Securi
2626
> The "Microsoft Sentinel" and "Natural Language to KQL for Microsoft Sentinel" plugins are currently in PREVIEW. The [Azure Preview Supplemental Terms](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) include additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
2727
>
2828
29+
For more information on Copilot for Security, see the following articles:
30+
- [Get started with Microsoft Copilot for Security](/security-copilot/get-started-security-copilot)
31+
- [Understand authentication in Microsoft Copilot for Security](/security-copilot/authentication)
32+
2933
## Microsoft Copilot in Microsoft Sentinel (Preview)
3034

3135
Copilot for Security doesn't have an embedded experience in the Microsoft Sentinel Azure portal. However, because Microsoft Sentinel features are available in the Microsoft Defender portal as part of the unified security operations platform, [Copilot in Microsoft Defender XDR](/defender-xdr/security-copilot-in-microsoft-365-defender) provides some access to Microsoft Sentinel data with its integration experience.
@@ -48,13 +52,16 @@ To view these capabilities in Copilot, select the **Prompts** :::image type="ico
4852
### Enable the Microsoft Sentinel plugins in Copilot
4953

5054
1. Navigate to Copilot for Security at [https://securitycopilot.microsoft.com/](https://securitycopilot.microsoft.com/).
55+
5156
1. Open **Sources** :::image type="icon" source="media/sentinel-security-copilot/sources.png"::: in the prompt bar.
57+
5258
1. On the **Manage plugins** page, set the **Microsoft Sentinel (Preview)** toggle to **On**.
59+
5360
1. Optionally, set the **Natural language to KQL for Microsoft Sentinel (Preview)** toggle to **On**.
5461

55-
### Configure the Microsoft Sentinel source
62+
### Configure a default Microsoft Sentinel workspace
5663

57-
Increase your prompt accuracy when you have access to multiple Microsoft Sentinel workspaces by configuring one of them as the default.
64+
If you have access to multiple Microsoft Sentinel workspaces, increase your prompt accuracy by configuring one of them as the default.
5865

5966
1. On the **Manage plugins** page, select the gear icon on the Microsoft Sentinel (Preview) plugin.
6067

@@ -78,7 +85,7 @@ For more information, see [Using promptbooks](/copilot/security/using-promptbook
7885

7986
For general guidance on writing effective prompts, see [Prompting in Microsoft Copilot for Security](/security-copilot/prompting-security-copilot). Here are some examples that incorporate that guidance:
8087

81-
The second part of this prompt nudges Copilot to provide human readable information instead of responding with object IDs.<br>
88+
The second part of the following prompt nudges Copilot to provide human readable information instead of responding with object IDs.<br>
8289
`Show me Sentinel incidents that were closed as a false positive. Supply the Incident number, Incident Title, and the time they were created.`
8390

8491
Copilot knows who you are.<br>
@@ -93,3 +100,6 @@ A useful way to summarize the prompts and responses so far.<br>
93100
For more information on sample prompts, see [Rod Trent's Copilot for Security GitHub](https://github.com/rod-trent/Copilot-for-Security/blob/main/Prompts/Plugins/Sentinel.md).
94101

95102
### Related articles
103+
104+
- [Microsoft Copilot in Microsoft Defender](/defender-xdr/security-copilot-in-microsoft-365-defender)
105+
- [Microsoft Defender XDR integration with Microsoft Sentinel](microsoft-365-defender-sentinel-integration.md)

0 commit comments

Comments
 (0)