Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Introducing Varonis for Microsoft 365 Copilot

The industry's first cybersecurity solution built to secure Microsoft 365 Copilot before, during, and after deployment.
Rob Sobers
3 min read
Last updated April 3, 2024

Varonis for Microsoft 365 Copilot is a new add-on that builds on our existing Microsoft 365 security suite, featuring new capabilities to monitor Copilot data access in real time, detect abnormal Copilot interactions, and automatically limit sensitive data accessible by both humans and AI agents.

Varonis has helped thousands of customers classify sensitive data, reduce exposure, and detect threats in M365 since we first introduced coverage in 2015. Our M365 security suite helps customers prepare to safely adopt Copilot, but once deployed, organizations require ongoing visibility and control over what AI is doing in their environment. That's where our new Copilot security module comes in.

If you want to see our new Copilot capabilities in action, check out the on-demand recording of Securing Microsoft Copilot live lab demo or keep reading to get a rundown of our growing list of Copilot security features.

Copilot posture dashboards

Our new Copilot-focused dashboard gives you a real-time view of sensitive and regulated data exposed to Copilot users, shows usage trends, and tracks how much sensitive data is being accessed by AI.

This dashboard not only helps you quantify your Copilot readiness during your pilot phase, but it can also help you monitor adoption, answering questions like, "How many people are using Copilot?" or "Who are my Copilot super users?"


Copilot policy automation

Our automated policies help you quickly get your M365 environment ready for a successful Copilot rollout, safely eliminating massive amounts of data exposure in days. We recommend you keep most policies enabled to continuously limit Copilot's access to sensitive information and prevent accidental data leakage as new data is rapidly created.

We have dozens of automations out of the box and they are all customizable, so you can define your organization's security policies and Varonis will automatically enforce them.

Policies that are designed to help ensure Copilot readiness and ongoing security are marked with a "Copilot Remediation" badge and perform actions such as removing org-wide links, stale sensitive links, and stale group memberships.


One of our customers reduced their Copilot exposure by 99.8% in just 10 days with our automations:

  • Approximately one million files across SharePoint, OneDrive, and Teams
  • Varonis' classification scans found and labeled 120K sensitive files
  • Our exposure analysis found 57K sensitive files with excessive access
  • The customer enabled our Copilot policies and eliminated 2K unnecessary sharing links and right-sized access to all 57K sensitive files
  • The security team notified M365 admins of the remediation task and remarkably received zero help desk tickets or complaints

Copilot monitoring and forensics

We capture all Copilot interactions, including which files are being referenced in prompt responses, in our centralized and searchable audit trail.

Varonis enriches Copilot events with metadata such as file sensitivity, user account type, and geolocation, so you can answer questions such as, "Which executive users accessed sensitive financial data via Copilot this week from suspicious IP addresses?"

Copilot activity is available alongside all other M365 activity, making it easy to perform investigations that correlate authentication events from Entra ID with email events from Exchange Online.


Wait, why is Copilot showing me this data?!

When testing Copilot, you will undoubtedly enter a prompt and get a response that references data you had no idea you could access. The next question is always, "Why?"

Varonis crawls your entire M365 graph to calculate true effective permissions based on links, group memberships (local and domain), nested permissions, direct permissions, and more. 

Our access intelligence UI helps you quickly pinpoint why sensitive data is exposed to certain users via Copilot (or otherwise). Investigations that could take days or weeks to perform manually can be done in seconds with Varonis.


Copilot threat detection

Varonis' user behavior analysis (UBA) engine factors in Copilot activity and notifies customers of abnormal or suspicious Copilot interactions with sensitive data.

Our alerts are not simply based on static rules (e.g., "Alert me if someone exceeds 200 prompts in a day"), they are based on meaningful deviations from a behavioral baseline that is unique to your tenant and your users. This means that you won't have to sift through hundreds or thousands of noisy alerts.

What's more, with our MDDR service, a Varonis analyst will monitor your environment 24x7x365 and respond to every alert, so you don't have to.


Athena AI integration

Lastly, Varonis for Microsoft 365 Copilot works with Athena AI's SOC assistant and natural language search, making it easy to investigate and resolve Copilot-related security incidents.


Ready to try Varonis for Microsoft 365 Copilot?

You can request a free Microsoft 365 Copilot readiness assessment to evaluate your AI security posture or start a Varonis trial from the Azure Marketplace.

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

Microsoft Office 365 File Sharing Guide: OneDrive and SharePoint Tips
Microsoft Office 365 adds a layer of complexity to your data security strategy — learn how to protect data and improve collaboration in your organization.
The Difference Between E3 and E5 Office365 Features
Microsoft’s Enterprise Mobility and Security offerings are additional sets of security services that can be purchased to help control, audit and protect the data and users of Microsoft’s Azure and...
Copilot Security: Ensuring a Secure Microsoft Copilot Rollout
This article describes how Microsoft 365 Copilot's security model works and the risks that must be considered to ensure a safe rollout.
Varonis Accelerates the Secure Adoption of Microsoft Copilot for Microsoft 365
Varonis and Microsoft forged a new strategic collaboration to help organizations safely harness one of the most powerful productivity tools on the planet — Microsoft Copilot for Microsoft 365.