How to Monitor and manager Copilot for Security in an Enterprise, though?

Andre Camillo, CISSP
4 min readJun 22, 2024

Copilot for Security relies on a specific compute resource called SCU (Security Comput Unit). This resource exists in your Azure tenant and can be fully managed (and monitored) with the usual suspects for Cloud management.

Let’s have a look at the options we have.

Challenge

Imagine you’re a business owner and needs to keep costs and proper program rollouts in check. Copilot for Security being a new Azure service can be someting that hasn’t been formally addressed in your Roadmap / program and thus might lead to openings for admins to enable and create resources without the proper Business approval and / or guidance.

Cons in this situation are multiple, costs, lack of proper use of the service and misunderstanding of the solution — ultimately.

If you want to avoid a bill shock — ensure good business processes, let’s look at why:

  • 1. Azure management role

Only proper Azure resource managers with specific admin roles can enable the service. Anyone in such position should be careful to follow processes and procedures to enable services while ensuring proper business use cases and maintenance have been established.

  • 2. Resource enablement

--

--

Andre Camillo, CISSP

Cloud, AI and Cyber Security tech, Career, Growth Mindset. Find my Discord &more: https://linktr.ee/acamillo . Architect @Crowdstrike. Opinions are mine!