Security Risk Advisors is a frequent advisor on and developer of new AI related technologies in the Cyber Security field. We will use this blog to highlight new and noteworthy ideas, approaches, and examples from our experiences securing our customers.
A Quick Look at Microsoft’s Inventory of AI Solutions
Microsoft has made massive bets on AI technology in the last year. Nearly every cyber leader today is wrestling with the use AI in their business, with both business leaders wanting to use CoPilot (it’s the new iPad!) and end users wanting to use ChatGPT.
As is often the case, the ecosystem of AI tools available from Microsoft can be overwhelming, with names sometimes overlapping. This blog post will give a quick overview of the key solutions you should understand at a high level. In the future, we will write blogs about key security controls for each solution.
A good analogy for understanding these tools is to apply the ‘aaS’ methodology many of us are familiar with in the cloud services space. This is just an analogy though, not meant to be rigid to help facilitate understanding.
Software as a Service
M365 Copilot
- M365 Copilot is the current premium offering from Microsoft that features deep integration of your data with strong AI tools like GPT-4. This solution takes a 2-pronged approach. First, it aggressively indexes shared data stores like SharePoint and OneDrive, and individual documents and conversations in Teams, email and Office. Second, it offers deep integrations of AI chat interfaces into the most commonly used tools such as Outlook, Word, Teams, PowerPoint, and Excel for quick and contextually relevant conversations. Each interaction uses not just your question, but the source application of your question, the data and documents you’re working on, and all of the knowledge it has built on you and your company through data indexing. This is a powerful and exciting service, and we will soon post a dedicated blog entry here to talk about key security controls you can use to protect and monitor this.
Microsoft Copilot
- Microsoft Copilot is essentially the free version of the M365 service. This service, most commonly available as a new browser integration inside of Microsoft Edge, does not index or search through internal company data, but does offer slightly better data security, since it can be told to not reuse your input data for training. This applies when using Microsoft Copilot through a licensed Microsoft company account.
Security Copilot
- A newly released SOC assistant focused on assisting with incident response, posture management, and reporting. This service is tightly aligned with security tools in the Microsoft ecosystem such as Defender, Intune, and Sentinel. It can provide incident summaries, script and code analysis, detection and hunting queries, and IR guidance.
Other
- There are more ‘Copilot’ services on the way as well, with specific focuses on common domains, such as Copilot for Service and Copilot for Sales.
Infrastructure as a Service
Azure OpenAI
- Azure OpenAI Service provides you the ability to deploy a private large language model (or embedding model) endpoint that you can build custom software and services around. When deployed, you get a personalized URL to access the LLM and a set of API keys to interact with it over its REST API. You can deploy many of the latest models of GPT-4, ADA, and others here. These services provide a foundation to build private AI solutions that can replace business use of public services like ChatGPT. SRA has built extensively on this platform for its own users and will share some of our wins in upcoming blog posts.
Azure AI Search
- Azure AI Search, formerly known as Azure Cognitive Search, is a vector database platform. It is configurable via the web and accessible via APIs and a critical service to make LLM’s come alive and allow them to become aware of custom internal data. These vector databases store data in a mechanism that AI knows how to interact with and can provide highly relevant search results to augment the knowledge base in real time for the LLM to reason over. Microsoft uses a very similar service as the underpinning for M365 Copilot.
Other Services
- Microsoft has several other very specific tools and capabilities that can be used as components in AI solutions, such as Computer Vision, Document Intelligence, Anomaly Detector, and more.
Platform as a Service
Azure AI Studio
- Azure AI Studio debuted at Microsoft Ignite in 2023 and is a browser-based IDE (integrated development environment). It has powerful tools and a user interface for building your own solutions that allows you to skip going through the effort of deploying and connecting the components from the IaaS section above. It can work with Visual Studio on the desktop to enable both traditional coding and the visual development experience. This solution allows for custom data source integration from files to third party APIs into AI workflows, allowing your applications to be as powerful and innovative as M365 Copilot, but around data sets outside of Microsoft’s software and data applications. It is reminiscent of the powerful vendor-neutral AI development library Langchain, except authored with a visual interface and focusing on Microsoft’s underlying architecture.
Copilot Studio
- Copilot Studio is the most simple and easy to use experience, built to be familiar to any users who have used Azure Logic Apps (Microsoft automation workflow). Copilot studio helps you augment and refine the responses that your paid Copilot service will provide to you, by integrating outside data source and custom workflows. With this service, you can debut new and custom ‘Copilots’, melding external, internal, structured, and unstructured in new ways to meet the needs of your organization.
Azure OpenAI Studio
- While confusingly similar in name to Copilot Studio, Azure OpenAI Studio is a service that is actually part of Azure OpenAI listed in the IaaS section. Azure OpenAI Studio is focused on providing the user a quick way to play with the configuration of their LLM, and see what the corresponding code might look like to get similar results when deployed in their own application.
Summary
That was a lot but we hope it was helpful to clarify the various types of AI related resources Microsoft is currently bringing to market. Putting them into our ‘aaS’ buckets helps to structure thinking about what the tools are – solutions, building blocks, or platforms to help with development. Check back regularly as we will continue to add to this blog series diving into many of these technologies with solutions and advice for helping to secure them!
Mike Pinch
Mike is Security Risk Advisors’ Chief Technology Officer, heading innovation, software development, AI research & development and architecture for SRA’s platforms. Mike is a thought leader in security data lake-centric capabilities design. He develops in Azure and AWS, and in emerging use cases and tools surrounding LLMs. Mike is certified across cloud platforms and is a Microsoft MVP in AI Security.
Prior to joining Security Risk Advisors in 2018, Mike served as the CISO at the University of Rochester Medical Center. Mike is nationally recognized as a leader in the field of cybersecurity, has spoken at conferences including HITRUST, H-ISAC, RSS, and has contributed to national standards for health care cybersecurity frameworks.