GenAI-Driven Threat Detection with Microsoft Security Copilot
Microsoft has developed a Dynamic Threat Detection Agent (DTDA) integrated into its Security Copilot, designed to autonomously investigate security incidents and generate novel alerts. This agent utilizes a unified activity timeline, versioned LLM prompt contracts, and a planner-executor loop to uncover hidden threats. In evaluations, DTDA achieved 80.1% precision and improved F1 scores by up to 0.26 points over baseline methods when using GPT-5.4, demonstrating its capability to identify missed malicious activity at scale.
AI IMPACT: Enhances cybersecurity by automating threat detection and analysis, potentially reducing response times and improving accuracy.