Cybersecurity firm Sophos has unveiled new integrations that plug its threat-intelligence platform, Sophos Intelix, directly into Microsoft Security Copilot and Microsoft 365 Copilot, giving organisations real-time access to its global threat insights within Microsoft’s fast-growing AI ecosystem.
Announced at the Microsoft Ignite Conference in San Francisco, the move is positioned as a major step toward “democratising cybersecurity,” enabling businesses of all sizes to strengthen their defences without leaving their core Microsoft environments.
Sophos says it processes more than 223 terabytes of telemetry every day, generating 34 million detections and automatically blocking 11 million threats across its customer base of over 600,000 organisations. That massive data pipeline fuels Intelix—now available for free to users of Microsoft’s Copilot tools.
AI-Driven Threat Intelligence Inside Security Copilot
The integration with Microsoft Security Copilot—the AI assistant for security operations teams—allows analysts to pull Sophos’ global threat intelligence directly into their investigations.
Security Copilot aggregates data across Microsoft Defender, Sentinel, Intune, Entra and Purview. With Sophos Intelix layered on top, analysts can:
- Enrich alerts and speed up triage using Sophos sandbox analysis and dynamic threat context
- Run file, URL and IP reputation lookups
- Access global threat prevalence data from Sophos X-Ops
- Investigate indicators of compromise using natural language
Sophos Intelix will also feature in Microsoft’s new Security Store, which hosts third-party agents, services and APIs.
Threat Checks Inside Teams and Microsoft 365
The second integration embeds Intelix inside Microsoft 365 Copilot, meaning everyday business users—not just security specialists—can access live threat intelligence through familiar tools such as Microsoft Teams and Copilot Chat.
Users will be able to:
- Query threat intelligence in natural language
- Check whether links, files or domains are tied to malicious activity
- Strengthen cyber-awareness and decision-making inside their workflow
Sophos says this levels the playing field by giving frontline workers access to the same intelligence used by advanced security operations centres.
Part of Microsoft’s Expanding Agent Ecosystem
Beyond Copilot, Sophos Intelix will plug into Microsoft’s emerging Agent 365 framework, which acts as a control plane for AI agents. The integration—secured through Entra identity—extends Sophos intelligence across the Microsoft 365 ecosystem with full compliance and observability.
Responding to a Growing Crisis in Cybersecurity Capacity
The rollout comes as cyberattacks grow faster and more sophisticated, while defenders remain chronically understaffed.
Sophos’ own research shows:
- 96% of SMB security teams struggle to investigate suspicious alerts
- 75% have difficulty remediating incidents quickly
- Attackers can now begin data exfiltration within three days, with only 2.7 hours between exfiltration and detection
- They can infiltrate Active Directory environments in as little as 11 hours
The company argues that accelerating access to high-quality threat intelligence is crucial for overburdened teams facing rising attack volumes.
Sophos and Microsoft Position the Future as Human–AI Defence
Simon Reed, Sophos’ Chief Scientific Research Officer, said the integrations mark a shift toward AI-augmented security operations.
“The future of SOC productivity is moving beyond graphical interfaces toward a new paradigm of human–AI collaboration,” he said. “By making Sophos threat intelligence available through Microsoft Security Copilot and Microsoft 365 Copilot, we’re giving defenders faster, more natural access to insights so they can respond with speed and precision.”
Vasu Jakkal, Microsoft’s Corporate Vice President for Security, said the partnership significantly amplifies defensive capabilities.
“AI is the force multiplier for defenders,” she said. “When partners like Sophos bring their agentic innovation into the Microsoft Copilot ecosystem, the impact is exponential.”
With threat actors accelerating their tactics and AI reshaping the cyber battlefield, the Sophos-Microsoft collaboration is being framed as a critical step in arming organisations—including resource-strapped SMBs—with enterprise-grade intelligence at scale.
More Stories
AFROLATIN TAMASHA RETURNS THIS NOVEMBER WITH A VIBRANT 8-COUNTRY SHOWCASE
Equity Targets Coastal Value Chain Growth in High-Level Mombasa Engagement
Kingdom Bank Expands Operations with Latest Nairobi Branch