Inspira Enterprise, a global leader in cybersecurity, data, and AI solutions, digital resilience, and platform-driven transformation, today announced the general availability of two agents in Microsoft Security Copilot, the MITRE ATT&CK Coverage Insight Agent and the Initial Triage Agent, both now live on the Microsoft Security Store. The MITRE ATT&CK Coverage Insight Agent evaluates analytic rule coverage, calculates ATT&CK coverage, identifies detection gaps, generates detection recommendations, and provides maturity scoring for Security Operations Centers; ATT&CK is a MITRE knowledge base of adversarial tactics, techniques, and procedures. The Initial Triage Agent performs deterministic, evidence-based triage of Microsoft Sentinel and Microsoft Defender XDR incidents, delivering verdicts, confidence scores, classification reasoning, attack timelines, and recommended actions in a structured format built for SOC workflows. The availability of both agents on the Microsoft Security Store brings additional security signals, investigation capabilities, and SOC automation into Security Copilot.
“AI is the force multiplier for defenders, and when partners bring their agentic innovation into the Security Copilot ecosystem, the impact is exponential. Together, we’re not just building tools—we’re creating a new era of intelligent, collaborative cyber defense,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.
Microsoft Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft’s unique global threat intelligence and more than 84 trillion daily signals. Microsoft Security’s storefront makes it simple for customers to discover, buy, and deploy agents and other integrated partner solutions that enhance security operations and posture.
Agents in Security Copilot autonomously manage high-volume security and IT tasks and seamlessly integrate with Microsoft Security solutions and partner solutions. Purpose-built for security, these agents learn from feedback, adapt to organizational workflows with your team fully in-control, and operate securely within Microsoft’s Zero-Trust framework.
Commenting on this achievement, Chetan Jain, Managing Director, Inspira Enterprise, said, “In today‘s fast-evolving threat landscape, CISOs are under constant pressure to accelerate threat detection, reduce analyst fatigue, and build a thorough understanding of their vulnerabilities and adversary exposure. With agents now generally available in Microsoft Security Copilot, we are equipping organizations with the intelligence and automation required to proactively strengthen defenses and establish cyber resilience. By integrating Inspira’s deep technical acumen in cybersecurity with the advanced capabilities of Microsoft Security Copilot, our offerings empower organizations to adopt a more proactive, intelligence-driven cybersecurity approach — scaling detection coverage and SOC response in lockstep.
We are pleased to announce that Inspira Enterprise now has two agents generally available on the Microsoft Security Store, both purpose-built within Microsoft Security Copilot to help security teams strengthen defenses and accelerate operations.
1. MITRE ATT&CK Coverage Insight Agent by Inspira Enterprise
The MITRE ATT&CK Coverage Insight Agent is a detection coverage analyzer for Microsoft Sentinel, built within Security Copilot, that evaluates analytic rule coverage, calculates ATT&CK coverage, identifies detection gaps, generates detection recommendations, and provides SOC detection maturity scoring.
On each run, the agent delivers an executive summary of MITRE ATT&CK coverage, an overall coverage percentage, tactic-level and technique-level coverage breakdowns, a critical uncovered technique list, risk rationale for high-impact gaps, detection improvement recommendations with prioritized remediation guidance, example Sentinel-compatible KQL queries, and coverage risk assessment insights for leadership and SOC teams. The agent performs analysis only — it does not execute queries or modify rules — helping teams prioritize missing detections, improve analytic rule coverage, and align security operations with real adversary behaviours.
🔗 https://securitystore.microsoft.com/solutions/inspiraenterpriseinc1683208138220.securitycopilotagent
2. Initial Triage Agent by Inspira Enterprise
The Initial Triage Agent is a deterministic, contract-locked initial triage agent for Microsoft Sentinel and Microsoft Defender XDR incidents. Built within Security Copilot, it automatically detects the incident source and retrieves incident metadata, alerts, entities, comments, status and classification context, guided response (where available), and historical incidents with matching entities or similar alert patterns.
The agent performs evidence-based triage across new, active/open, and closed/resolved incidents using only Sentinel and Defender XDR–native data, and applies bounded historical closure pattern analysis to improve analyst-grade disposition consistency. On every execution, it produces a structured, Logic App–ready output that includes a Verdict, Confidence Score, Classification Reasoning, Live Entity Investigation Summary, Critical Evidence Observed, Attack Timeline, Recommended Actions, incident source identification (Sentinel or XDR), current status and context assessment, and relevant historical incident comparison insights.
Importantly, the agent is read-only — it does not modify incidents, alerts, or configurations — which helps SOC teams shorten mean-time-to-triage, reduce alert fatigue, and drive consistent Tier-1 decision-making while keeping analysts firmly in control.
Where to find Inspira Enterprise’s agents
Both agents are available on the Microsoft Security Store, which makes it simple for customers to discover, buy, and deploy agents and other integrated partner solutions that enhance security operations and posture. To try them in GA, go to the Microsoft Security Store, click the “Agents” tab, and search for “Inspira” under Browse all agents.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
