April 28: Inspira Enterprise, a global leader in cybersecurity, data, and AI solutions, today announced the general availability of two advanced AI agents within Microsoft Security Copilot the MITRE ATT&CK Coverage Insight Agent and the Initial Triage Agent. Both solutions are now live on the Microsoft Security Store.
The launch strengthens enterprise security capabilities by enhancing threat detection, investigation, and automation within modern Security Operations Centers (SOCs).
Enhancing Cyber Defense with AI
The newly launched agents bring additional intelligence and automation into Security Copilot, enabling organizations to:
- Improve detection coverage
- Accelerate incident triage
- Reduce analyst fatigue
- Strengthen overall cyber resilience
Vasu Jakkal, Corporate Vice President, Microsoft Security, said:
“AI is the force multiplier for defenders, and when partners bring their agentic innovation into the Security Copilot ecosystem, the impact is exponential. Together, we’re creating a new era of intelligent, collaborative cyber defense.”
Agent Highlights
MITRE ATT&CK Coverage Insight Agent
Designed for Microsoft Sentinel, this agent:
- Evaluates analytic rule coverage
- Calculates ATT&CK framework coverage
- Identifies detection gaps and risks
- Generates prioritized remediation recommendations
- Provides SOC maturity scoring
It delivers structured insights including coverage percentages, tactic-level breakdowns, and actionable recommendations—helping organizations align defenses with real-world adversary behaviors.
Initial Triage Agent
Built for both Microsoft Sentinel and Microsoft Defender XDR, this agent:
- Performs evidence-based incident triage
- Generates verdicts and confidence scores
- Provides classification reasoning and attack timelines
- Recommends response actions
- Delivers structured, automation-ready outputs
The agent operates in a read-only mode, ensuring analysts remain in control while significantly reducing mean-time-to-triage and improving decision consistency.
Leadership Commentary
Chetan Jain, Managing Director, said:
“In today’s fast-evolving threat landscape, CISOs are under constant pressure to accelerate detection and reduce analyst fatigue. With our agents now generally available in Microsoft Security Copilot, we are enabling organizations to adopt a proactive, intelligence-driven cybersecurity approach—scaling detection coverage and SOC response in lockstep.”
Platform Integration and Availability
Microsoft Security Copilot combines advanced large language models with Microsoft’s global threat intelligence, processing over 84 trillion daily signals to help security teams respond to threats at machine speed.
Both agents are now available on the Microsoft Security Store, enabling organizations to seamlessly discover, deploy, and integrate them into existing security workflows.
