New RSA Agent for Admin Threats Now Generally Available in Microsoft Security Copilot
New RSA Agent for Admin Threats Now Generally Available in Microsoft Security Copilot
SAN FRANCISCO--(BUSINESS WIRE)--RSA Security today announced the general availability of its RSA Advisor for Admin Threats agent in Microsoft Security Copilot.
“We accelerated development of the RSA Advisor for Admin Threats agent to give security leaders the essential AI capabilities they need to quickly detect and resolve high-risk activity," said Jim Taylor, RSA President, Chief Product and Strategy Officer.
Share
“AI is the force multiplier for defenders, and when partners bring their agentic innovation into the Security Copilot ecosystem, the impact is exponential. Together, we’re not just building tools—we’re creating a new era of intelligent, collaborative cyber defense.” - Vasu Jakkal, Corporate Vice President, Microsoft Security.
“We accelerated development of the RSA Advisor for Admin Threats agent to give security leaders the essential AI capabilities they need to quickly detect and resolve high-risk activity or insider threats in RSA ID Plus for Microsoft tenants,” said RSA President, Chief Product and Strategy Officer Jim Taylor. “In a recent RSA survey of more than 2,100 global security leaders, agentic AI emerged as the top cybersecurity priority, and 91% said they plan to integrate AI into their tech stack. We’re working with Microsoft to meet customers’ demands and build the agents organizations need to quickly detect and stop threats.”
Microsoft Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 84 trillion daily signals.
Agents in Security Copilot autonomously manage high-volume security and IT tasks and seamlessly integrate with Microsoft Security solutions and partner solutions. Purpose-built for security, these agents learn from feedback, adapt to organizational workflows with your team fully in-control, and operate securely within Microsoft’s Zero-Trust framework.
Introducing RSA Advisor for Admin Threats by RSA Security in Security Copilot
Enhanced by Security Copilot’s global threat intelligence, the RSA Advisor for Admin Threats agent improves organizational security by deploying enhanced, comprehensive monitoring on admin accounts and alerting security teams about any suspicious activity that could indicate a compromised administrator account or insider threats. The agent helps security teams resolve threats faster and more effectively by automating log searches and correlating events using natural language prompts. Once configured, RSA Advisor for Admin Threats will integrate with Microsoft Sentinel’s Data Lake and enable advanced analytics, alerting, and AI-driven investigation capabilities.
Where to find RSA Advisor for Admin Threats by RSA Security:
You can find this agent on the Microsoft Security Storefront – the Microsoft Security Storefront makes it simple for customers to discover, buy, and deploy agents and other integrated partner solutions that enhance security operations and posture.
If you would like to try this agent in GA, go to Microsoft Security Storefront and click on the “Agents” tab. From there, you can search for the agent by name under “Browse all agents.”
How to buy this agent?
Buy the required SaaS solution for the agent through Security Storefront, and setup the SaaS after purchase.
How to set up and configure this agent?
Deploy through Security Storefront, which deploys the agent and dependencies such as Sentinel data lake jobs. Once deployment is complete, you will be redirected to Security Copilot to configure and work with the agent.
Resources:
RSA Advisor for Admin Threats – Microsoft Security Store
2026 RSA ID IQ Report
RSA ID Plus for Microsoft data sheet
Join RSA at Microsoft Ignite Booth 1826R
About RSA:
RSA provides mission-critical cybersecurity solutions that protect the world’s most security-sensitive organizations. The RSA Unified Identity Platform provides true passwordless identity security, risk-based access, automated identity intelligence, and comprehensive identity governance across cloud, hybrid, and on-premises environments. More than 9,000 high-security organizations trust RSA to manage more than 60 million identities, detect threats, secure access, and enable compliance. For additional information, visit our website to contact sales, find a partner, or learn more about RSA.
Product or service names mentioned herein may be the trademarks of their respective owners.
