"Security teams don’t need more noise": Microsoft Copilot now surfaces dark web threat intelligence
Bitsight teams up with Microsoft to monitor threats emerging from the dankest corners of the hidden web.
Microsoft's Security Copilot can now dig up threat intelligence from the dark web.
Redmond has partnered with Bitsight, a cyber risk intelligence firm, to provide info dredged from the darkest corners of the hidden web and presented within the new Threat Intelligence Briefing Agent.
This includes data relating to cybercriminal activity, intel from underground marketplaces and details of emerging threats to "empower organisations with the delivery of timely, high-context briefings" tailored by sector, geography and attack surface.
The agent also provides automated intelligence to help security teams focus on the most important threats.
"Today’s security teams don’t need more noise - they need curated, real-time intelligence they can act on,” said Gabi Reish, Vice President of Product at Bitsight.
"By combining Bitsight’s unique threat intelligence with Microsoft’s AI capabilities, we’re delivering personalised, actionable insights that empower organisations to anticipate, prepare for and respond to cyber threats with confidence. Our collaboration with Microsoft reflects our deep commitment to innovation, accessibility and advancing cyber resilience across the industry."
Shedding light on the dark web
The platform provides actionable intelligence on ransomware and advanced persistent threats (APTs) targeting specific sectors and regions. This includes detailed profiles of threat actors, associated indicators of compromise (IOCs), and related malware strains.
It also delivers insights into vulnerabilities linked to an organisation’s attack surface. These include exploits discussed or traded on underground forums, proof-of-concept code, and vulnerabilities actively being used in the wild.
Additionally, the service enhances visibility into identity-related risks by surfacing exposed or compromised credentials. It tracks instances where access credentials are being shared or sold on dark web marketplaces.
READ MORE: Cops seize Archetyp, arrest bosses of "longest-standing" dark web drug marketplace
"This isn’t just about staying informed - it’s about staying ahead of emerging threats with personalised, actionable insights delivered seamlessly into an organisation's workflow," said Paul Brightmore, Principal Group Product Manager, Microsoft.
"Bitsight’s industry-leading threat intelligence data - spanning the deep and dark web - makes it a great partner for our new Briefing Agent. Together, we can engage our customers with dynamic, intelligent automation and insights that enable them to act faster and with greater confidence."
Microsoft's dalliances with the dark web
This is not the first time Microsoft has delved into the dark web. Defender allows users to monitor specific details and identity assets.
"When we spot your personal details in a breach, you’ll receive an alert and a detailed breach report telling you exactly what data was found and where, together with suggested next steps to either resolve the breach or ensure it doesn’t affect you again," Microsoft wrote.
"Dark web scanning will also report on other identity assets found in breaches through intelligent association, even if you didn’t explicitly add those to your profile."
This means that if information like your mother's maiden name, social Security number or PayPal and eBay details hit the dark web, you will be alerted quickly and be able to take action to secure your identity.
Read our full interview with Bitsight's Gabi Reish here.
Do you have a story or insights to share? Get in touch and let us know.
