IT scenario: Conduct a multi-cloud vulnerability impact assessment
Available with: Security Copilot and Microsoft Defender External Attack Surface Management Scenario level:
KPIs impacted
IT management costs
Application downtime
Value benefit
Cost savings
Employee experience
Using Copilot to conduct a multi-cloud vulnerability impact assessment
1. Understand multi-cloud posture
Understanding which cloud providers are part of your organization’s attack surface across your multi-cloud environment by connecting to your Microsoft Defender External Attack Surface Management capabilities.
Copilot for Security
Prompt: What cloud providers are in my attack surface?
Response: Presents breakdown of cloud providers in your attack surface.
2. Get cloud-specific vulnerability insights
Identify the specific vulnerabilities affecting assets on a particular cloud provider, allowing for focused remediation efforts and improved security posture.
Copilot for Security
Prompt: What CVEs are impacting assets running on cloud provider X?
Response: Present breakdown of CVEs impacting assets hosted on cloud provider X.
3. Find vulnerable assets
Discover which assets are affected by a critical vulnerability, helping prioritize patching and mitigation to protect your most at-risk resources.
Copilot for Security
Prompt: Which assets are impacted by <CVE-ID> with <Technology X>
Response: List of assets that are identified as impacted
4. In-depth vulnerability analysis
Obtain detailed information about a specific CVE, including its impact and mitigation strategies, to enhance your understanding and response capabilities.
Copilot for Security
Prompt: What more information do you have about <CVE-ID>?
Response: Details on <CVE-ID> provided.
5. Asset enrichment
Apply labels to assets for better organization and tracking, facilitating more efficient security operations and incident response.
Copilot for Security
Prompt: Label these assets with “X”.
Response: Link to apply labels provided.
6. Create report
Create a high-level report that provides executives with a clear summary of vulnerabilities and impacted assets, supporting informed decision-making and strategic planning.
Copilot for Security
Prompt: Generate an executive level report for the assets running on cloud provider X, the CVEs impacting these assets and the respective counts, as well as details on CVE X.
Response: Report generated
1Access Copilot at copilot.microsoft.com or the Microsoft Copilot mobile app and set toggle to “Web”.
2Access Business Chat at copilot.microsoft.com or the Microsoft Copilot mobile app and set toggle to “Web”.
3Copilot agents allow Microsoft 365 Copilot to access your company-specific apps. In the past, this would have required an API call to get data from a system of record. The content in this example scenario is for demonstration purposes only. You should evaluate how Copilot aligns with your organization’s business processes, regulatory requirements, and responsible AI principles.
The content in this example scenario is for demonstration purposes only. You should evaluate how Copilot aligns with your organization’s business processes, regulatory requirements, and responsible AI principles.
