Cybersecurity vendor Sophos has announced the general availability of new integrations that connect Sophos Intelix, its cyber threat intelligence repository, with Microsoft Security Copilot and Microsoft 365 Copilot. Organizations of all sizes now gain real-time access to Sophos threat intelligence within Microsoft’s AI-powered environments, helping them strengthen defenses and respond to threats
Sophos, a global leader of innovative security solutions for defeating cyberattacks, today announced the general availability of new integrations that connect Sophos Intelix, its robust repository of cyber threat intelligence, with Microsoft Security Copilot and Microsoft 365 Copilot. Introduced at the Microsoft Ignite Conference in San Francisco, organizations of all sizes gain real-time access to Sophos threat intelligence within Microsoft’s AI-powered environments, helping them strengthen defenses and respond to threats more effectively.
“I’m pleased to share three significant updates that advance cybersecurity for organizations that rely on Microsoft technologies,” said Simon Reed, Chief Research and Scientific Officer at Sophos, who is responsible for leading Sophos X-Ops, the company’s cross-domain task force unit that includes more than 500 threat intelligence and cybersecurity experts from SophosLabs, Sophos SecOps and Sophos AI These milestones expand the reach of Sophos’ world-class threat intelligence and managed detection and response (MDR) capabilities into the Microsoft ecosystem, helping IT and cybersecurity teams strengthen protection and accelerate threat response.
Every day, Sophos processes more than 223 terabytes of telemetry in its Sophos Central platform, generating over 34 million detections and automatically blocking more than 11 million threats. This global scale of customer insight continuously informs Sophos product and services and fuels the intelligence within Sophos Intelix, which is now accessible for free to users of Microsoft Security Copilot and Microsoft 365 Copilot. Reed said that this democratizes cybersecurity for organizations of all sizes, meeting them wherever they are in their cybersecurity journey, within the Microsoft Copilot ecosystem.
The first of the advances is Sophos Intelix for Microsoft Security Copilot.
“Sophos Intelix provides advanced threat context and enrichment capabilities directly into Microsoft Security Copilot, Microsoft’s generative AI assistant for Security Operation Center (SOC) and IT teams,” Reed said. “Security Copilot connects data across Microsoft Defender, Sentinel, Intune, Entra, and Purview, allowing analysts and expert users to query and investigate threats using natural language enriched with Sophos’ insights from protecting more than 600,000 organizations. These teams are often protecting organizations 24/7/365 and require the latest intelligence at their fingertips at all times to protect their organization.” Through this integration, security analysts and IT teams can:
- Enrich alerts and triage incidents faster using Sophos Intelix intelligence and services including sandbox detonation and dynamic analysis.
- Investigate indicators of compromise (IOCs) with file, URL, and IP reputation lookups.
- Access global insights and prevalence data from Sophos X-Ops directly within Security Copilot.
Sophos Intelix will also be available in Microsoft’s new Security Store for third-party agents, MCP services, and APIs.
The second advancement is Sophos Intelix for Microsoft 365 Copilot.
‘Sophos Intelix also integrates with Microsoft 365 Copilot, making comprehensive threat intelligence available and accessible for the masses within everyday Microsoft productivity tools such as Teams and Microsoft 365 Copilot Chat,” Reed stated. Security and IT professionals can now query Sophos Intelix in natural language from within Microsoft 365 apps, including Teams and Outlook, to investigate threats, analyze URLs or files, and receive instant, explainable verdicts. The result is actionable security intelligence seamlessly embedded into the tools organizations use every day.
With Sophos Intelligence in Microsoft 365, IT administrators, risk managers, and business users can:
- Query Sophos threat intelligence in natural language directly within Microsoft 365 Copilot Chat and Microsoft Teams..
- Strengthen cyber awareness and decision-making abilities within productivity tools they’re using daily.
- Check whether links , files or domains are associated with known malicious activity.
The third component is Microsoft Agent 365 Capabilities for Sophos Intelix.
Sophos Intelix will also integrate with Microsoft’s growing Copilot and agent ecosystem, extending Sophos intelligence across the Microsoft 365 ecosystem. Powered by Entra-based identity management, this integration enables organizations to bring Sophos Intelix into their agent portfolio with full observability and compliance.
Microsoft Agent 365 serves as the control plane for AI agents, allowing organizations to extend their existing infrastructure, applications, and protections to agents, while using familiar capabilities that have been adapted to agent needs. Together, these integrations further strengthen Sophos’ commitment to delivering advanced intelligence wherever organizations operate within the Microsoft agent ecosystem. By exposing Sophos Intelix within the Microsoft Copilot ecosystem, Sophos makes threat intelligence universally accessible, helping organizations accelerate analysis, reduce response time, and improve security outcomes.
“The Microsoft Copilot ecosystem is transforming how people interact with technology by bringing natural language interfaces into the core of its Copilot ecosystem,” Reed said. “The future of SOC productivity is moving beyond the graphical user interfaces we’ve relied on since the 1980s, toward a new paradigm of human–AI collaboration. AI assistants powered by expansive datasets, deep threat intelligence, and advanced systems are fundamentally reshaping how analysts work. By making Sophos threat intelligence available through both Microsoft Security Copilot and Microsoft 365 Copilot, we’re giving defenders faster, more natural access to insights that help them respond to threats with speed, precision, and confidence.”
“AI is the force multiplier for defenders, and when partners like Sophos bring their agentic innovation into the Microsoft Copilot ecosystem, the impact is exponential. Together, we’re not just building tools – we’re creating a new era of intelligent, collaborative cyber defense,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.