Merge pull request #277198 from danielledennis/main

Update easm-copilot.md

Author: Jak-MS

articles/external-attack-surface-management/easm-copilot.md

@@ -16,7 +16,7 @@ ms.localizationpriority: high
 
 Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall. Attack Surface Insights are generated by analyzing vulnerability and infrastructure data to showcase the key areas of concern for your organization. 
 
-Defender EASM’s integration with Copilot for Security enables users to interact with Microsoft’s discovered attack surfaces. These attack surfaces allow users to quickly understand their externally facing infrastructure and relevant, critical risks to their organization. They provide insight into specific areas of risk, including vulnerabilities, compliance, and security hygiene. For more information about Copilot for Security, go to [What is Microsoft Copilot for Security](/security-copilot/microsoft-security-copilot).
+Defender EASM’s integration with Copilot for Security enables users to interact with Microsoft’s discovered attack surfaces. These attack surfaces allow users to quickly understand their externally facing infrastructure and relevant, critical risks to their organization. They provide insight into specific areas of risk, including vulnerabilities, compliance, and security hygiene. For more information about Copilot for Security, go to [What is Microsoft Copilot for Security](/security-copilot/microsoft-security-copilot).  For more information on the embedded Copilot for Security experience, refer to [Query your attack surface with Defender EASM using Microsoft Copilot in Azure](/azure/copilot/query-attack-surface). 
 
 
 **Copilot for Security integrates with Defender EASM**.
@@ -90,6 +90,8 @@ For more information on writing Copilot for Security prompts, go to [Microsoft C
 | Get expired domains | Returns the number of expired domains for either the customer’s Defender EASM resource or a given company name.  | **Example inputs:** <br> • How many domains are expired in LinkedIn’s attack surface?    <br> • How many assets are using expired domains for Microsoft?   <br> • How many domains are expired in my attack surface?    <br> • How many of my assets are using expired domains for Microsoft?  <br><br> **Optional inputs:**  <br> • CompanyName | If your plugin is configured to an active Defender EASM resource and no other company is specified: <br> • return the number of expired domains for the customer’s Defender EASM resource  <br><br>  If another company name is provided:  <br> • If no exact for match for company name, returns a list of possible matches.  <br> • If there's an exact match, return the number of expired domains for the given company name.  |
 | Get expired certificates | Returns the number of expired SSL certificates for either the customer’s Defender EASM resource or a given company name.  | **Example inputs:**  <br> • How many SSL certificates are expired for LinkedIn?   <br> • How many assets are using expired SSL certificates for Microsoft?  <br> • How many SSL certificates are expired for my attack surface?   <br> • What are my expired SSL certificates?   <br><br> **Optional inputs:** <br> • CompanyName |  If your plugin is configured to an active Defender EASM resource and no other company is specified:  <br> • return the number of SSL certificates for the customer’s Defender EASM resource. <br><br> If another company name is provided: <br> • If no exact for match for company name, returns a list of possible matches.  <br> • If there's an exact match, return the number of SSL certificates for the given company name.  |
 | Get SHA1 certificates | Returns the number of SHA1 SSL certificates for either the customer’s Defender EASM resource or a given company name.  | **Example inputs:** <br> • How many SSL SHA1 certificates are present for LinkedIn?   <br> • How many assets are using SSL SHA1 for Microsoft?  <br> • How many SSL SHA1 certificates are present for my attack surface?   <br> • How many of my assets are using SSL SHA1?  <br><br> **Optional inputs:** <br> • CompanyName |  If your plugin is configured to an active Defender EASM resource and no other company is specified:  <br> • return the number of SHA1 SSL certificates for the customer’s Defender EASM resource <br><br>  If another company name is provided: <br> • If no exact for match for company name, returns a list of possible matches.  <br> • If there's an exact match, return the number of SHA1 SSL certificates for the given company name.  | 
+| Translate Natural Language to Defender EASM Query | Translates any natural language question into a Defender EASM query and returns the assets that match the query. | **Example Inputs:** <br> • What assets are using jQuery version 3.1.0? <br> • Get the hosts with port 80 open in my attack surface. <br> • find all the page, host and asn assets in my inventory with an ip address that is IP X, IP Y, or IP Z. <br> • Which of my assets have a registrant email of "[email protected]" | If your plugin is configured to an active Defender EASM resource: <br> • return the assets matching with the translated query. |
+
 
 
 ## Switching between resource and company data