This is the Trace Id: 2e41a30725aa33a71bf5063553332a71
Skip to main content Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Purview Microsoft Security Copilot Microsoft Sentinel View all products AI-powered cybersecurity Cloud security Data security & governance Identity & network access Privacy & risk management Security for AI Small and medium business Unified SecOps Zero Trust Pricing Services Partners Why Microsoft Security Cybersecurity awareness Customer stories Security 101 Product trials How we protect Microsoft Industry recognition Microsoft Security Insider Microsoft Digital Defense Report Security Response Center Microsoft Security Blog Microsoft Security Events Microsoft Tech Community Documentation Technical Content Library Training & certifications Compliance Program for Microsoft Cloud Microsoft Trust Center Security Engineering Portal Service Trust Portal Microsoft Secure Future Initiative Business Solutions Hub Contact Sales Start free trial Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Software companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap
MICROSOFT DEFENDER

Cut the noise. Catch the threats.

Find real attacks faster and free analysts to focus on investigations with the Security Alert Triage Agent, designed to autonomously triage phishing, identity, and cloud alerts. New to Microsoft Defender? Start a free trial.
Start using the agent
Security Alert Triage Agent dashboard showing multiple incident alerts, powered by Microsoft Security Copilot.
KEY BENEFITS

Less time triaging. More time stopping real threats.

  • Tackle heavy alert volume without fatigue while prioritizing high-risk incidents with clear, AI-powered triage decisions.1
  • Keep your analyst’s attention where it matters most and let the agent dynamically filter out the false alarms.1
  • Move from static classification to confident agentic triage that applies dynamic reasoning and learns from feedback.1
  • Filter out low-value signals and get to the real fires faster, even as alert noise outpaces team capacity.1
  • Built-in visibility shows agent decision making—giving teams context to trust verdicts and more confidence to respond.1
AGENT SETUP

Start using the Security Alert Triage Agent

Person working at a desk with dual monitors displaying yellow interfaces.

Set up now

Get step-by-step instructions and understand the permissions you need in Microsoft Defender.
Get started
Person checking a mobile phone while using a tablet at a table.

Set up later

Getting started is easier on a desktop device. Email a link to yourself or your team to follow up on set-up steps.
Send a reminder
Person working at a desk with dual monitors displaying yellow interfaces.

Set up now

Get step-by-step instructions and understand the permissions you need in Microsoft Defender.
Get started
Person checking a mobile phone while using a tablet at a table.

Set up later

Email a link to yourself or your team to follow up on set-up steps.
Send a reminder
Person working at a desk with dual monitors displaying yellow interfaces.

Set up now

Get step-by-step instructions and understand the permissions you need in Microsoft Defender.
Get started
RESOURCES

Triage is just the beginning

See what’s possible when agentic AI works across your security stack.
Person working on a laptop at a desk in a glass-walled office.
Workshop

Deep dive into Microsoft Security Copilot

Learn how to leverage and integrate AI through free, hands-on technical workshops.
Sign up now
Person holding a tablet with a colorful data visualization overlay.
Solutions

Use Microsoft Security Copilot in your workflow

Get AI support for incident response, threat hunting, intelligence gathering, and posture management.
Learn more
Two coworkers collaborating at a desktop computer in a modern office.
Support

Get help setting up the Security Alert Triage Agent

Eligible customers can request assistance from a FastTrack expert.
Learn more
Back to carousel navigation controls
  1. [1]
    Our results demonstrate that agent-augmented analysts achieved up to 6.5 times as many true positives per analyst minute and a 77% improvement in verdict accuracy compared to a control group. The agent’s queue prioritization and verdict explanations were both significant drivers of efficiency. Behavioral analysis revealed that agent-augmented analysts reallocated their attention, spending 53% more time on malicious emails, and were not prone to rubber-stamping the agent’s malicious verdicts.

Follow Microsoft Security

Surface Pro Surface Laptop Surface Laptop Ultra Surface RTX Spark Dev Box Copilot for organizations Copilot for personal use Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Software companies Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States) Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads