Analyze recommendations with Microsoft Security Copilot

Microsoft Defender for Cloud's integration with Microsoft Security Copilot allows you to analyze all of the recommendations presented on the recommendations page. By narrowing the scope of the recommendations page, you can focus on specific recommendations and get a better understanding of your security posture.

Once the list of recommendations is filtered, you can investigate specific recommendations and gain a better understanding of the risks and vulnerabilities that are present in your environment.

Prerequisites

Analyze a recommendation

Microsoft Security Copilot gives you the ability to analyze your recommendations. Through the use of prompts, you can filter and refine the presented recommendations to focus on specific areas of interest.

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud.

  3. Navigate to Recommendations.

  4. Select Analyze with Copilot.

    Screenshot of the recommendations page that shows where the Analyze with Copilot button is located.

  5. Select one of the suggested prompts or enter a prompt in natural language.

    Some sample prompts include:

    • Show risks for publicly exposed resources
    • Show risks for resources with sensitive data
    • Show risks for critical resources
    • Show risk to data
  6. Review the provided answer.

  7. (Optional) You can select a suggested prompt or enter a unique prompt to further refine the results.

  8. Select Apply filter to view the updated recommendations.

    Screenshot that shows where the Apply filter button is located in the Copilot window.

The recommendations page updates with the appropriate filters applied based on the prompt you provided. Copilot remains open and you can enter other prompts as needed.

Next step