Microsoft has enhanced Security Copilot by preinstalling a set of plugins for their security services and frequently used websites. Additionally, you have the option to incorporate Netskope custom plugins, expanding Gen AI capabilities on your Netskope platform.
Requirements Ensure you have an active Microsoft Security CoPilot account and are able to login to: https://securitycopilot.microsoft.com/ For more information on Security CoPilot please visit: Get started with Microsoft Security Copilot Early Access Program Create a local yaml file called NetskopeCoPilotSkill.yaml (filename can be anything). And paste the below in your yaml file:
https://github.com/mitchellgulledge2/MsftCoPilotPlugin/blob/main/Manifest.yaml
Note that in the file you will need to add your tenant domain in line 18 of the yaml file.
In addition to the local file you will also need your Netskope API token from your tenant with Read permissions for the below Netskope API v2 endpoints:
For more information on creating a v2 API token please refer to: https://docs.netskope.com/en/netskope-help/admin-console/rest-api/rest-api-v2-overview-312207/
Uploading Netskope Plugin as a custom Plugin Installing custom plugins This is where you will upload the Netskope Threat Hunting and Reporting Plugin.
Every Copilot plugin requires a YAML or JSON formatted manifest file, for example skillset.yaml or skillset.json, which describes metadata about the plugin and how to invoke the plugin. This is provided in the link above.
-
Select the Security Copilot plugin icon.
-
In Manage plugins, scroll down to the Custom section.
- Select Add plugin. You can choose between a Security Copilot plugin or an OpenAI plugin.
- Under Select an upload format click Security Copilot plugin and upload the yaml file you created in Requirements section.
- Finally you will be able to paste the API token you gathered in the previous steps from Netskope. (See above)
Sample Netskope Prompts
You can validate the 6 Skills are visible by entering /get as seen below:
