IT scenario: Conduct a multi-cloud vulnerability impact assessment

Download scenario guide
Available with: Security Copilot and Microsoft Defender External Attack Surface Management Scenario level:
Buy

KPIs impacted

IT management costs

Application downtime

Value benefit

Cost savings

Employee experience

Using Copilot to conduct a multi-cloud vulnerability impact assessment


1. Understand multi-cloud posture

Understanding which cloud providers are part of your organization’s attack surface across your multi-cloud environment by connecting to your Microsoft Defender External Attack Surface Management capabilities.

Copilot icon

Copilot for Security

Prompt: What cloud providers are in my attack surface?

Response:  Presents breakdown of cloud providers in your attack surface.

2. Get cloud-specific vulnerability insights

Identify the specific vulnerabilities affecting assets on a particular cloud provider, allowing for focused remediation efforts and improved security posture.

Copilot icon

Copilot for Security

Prompt: What CVEs are impacting assets running on cloud provider X?

Response: Present breakdown of CVEs impacting assets hosted on cloud provider X.

3. Find vulnerable assets

Discover which assets are affected by a critical vulnerability, helping prioritize patching and mitigation to protect your most at-risk resources.

Copilot icon

Copilot for Security

Prompt: Which assets are impacted by <CVE-ID>  with <Technology X>

Response:  List of assets that are identified as impacted

4. In-depth vulnerability analysis

Obtain detailed information about a specific CVE, including its impact and mitigation strategies, to enhance your understanding and response capabilities.

Copilot icon

Copilot for Security

Prompt: What more information do you have about <CVE-ID>?

Response:  Details on <CVE-ID> provided.

5. Asset enrichment

Apply labels to assets for better organization and tracking, facilitating more efficient security operations and incident response.

Copilot icon

Copilot for Security

Prompt: Label these assets with “X”.

Response:  Link to apply labels provided.

6. Create report

Create a high-level report that provides executives with a clear summary of vulnerabilities and impacted assets, supporting informed decision-making and strategic planning.

Copilot icon

Copilot for Security

Prompt: Generate an executive level report for the assets running on cloud provider X, the CVEs impacting these assets and the respective counts, as well as details on CVE X.

Response:  Report generated

1Access Copilot at copilot.microsoft.com or the Microsoft Copilot mobile app and set toggle to “Web”.

2Access Business Chat at copilot.microsoft.com or the Microsoft Copilot mobile app and set toggle to “Web”.

3Copilot agents allow Microsoft 365 Copilot to access your organization-specific apps. In the past, this would have required an API call to get data from a system of record. The content in this example scenario is for demonstration purposes only. You should evaluate how Copilot aligns with your organization’s business processes, regulatory requirements, and responsible AI principles.

The content in this example scenario is for demonstration purposes only. You should evaluate how Copilot aligns with your organization’s business processes, regulatory requirements, and responsible AI principles.