Sophos has integrated its threat intelligence platform, Sophos Intelix, into Microsoft Security Copilot and Microsoft 365 Copilot to give organisations direct access to real-time cyber data inside tools they already use. The move targets security teams that need faster analysis and clearer context as attack speeds rise and workloads grow.
Sophos processes more than 223 terabytes of telemetry each day, producing over 34 million detections and blocking more than 11 million threats. That data now flows into both Copilot products at no cost to users.
In Microsoft Security Copilot, Intelix provides security and IT teams with richer context when they investigate alerts. Analysts can run sandbox and dynamic analysis, check reputations for files, URLs and IP addresses, and view global insight from Sophos X-Ops without leaving Copilot. Sophos Intelix will also be listed in Microsoft’s Security Store for third-party agents and APIs.
The Microsoft 365 Copilot integration brings the same intelligence into everyday productivity tools. Users can query threat data in plain language inside Teams and Copilot Chat, check whether files or links are tied to malicious activity, and improve decision-making inside their workflow.
Sophos is also supporting Microsoft Agent 365, which extends Intelix intelligence into Microsoft’s growing agent ecosystem with identity controls, observability and compliance features.
These steps come as defenders face rising pressure. Sophos reports that 96 percent of SMBs struggle to investigate suspicious alerts, while 75 percent have difficulty resolving incidents quickly. Its latest Active Adversary Report shows that data exfiltration can begin within three days of an intrusion and that attackers can reach Active Directory in as little as 11 hours.
Sophos aims to help organisations analyse threats faster and respond with more confidence by placing Intelix inside the Copilot environment.
