Configure Owner settings

Give administrators the ability to manage the data and custom plugin use in Security Copilot.

Prerequisites

You need the Security Copilot owner role to manage owner settings. For more information, see Understand authentication in Microsoft Security Copilot.

Manage administrative options

Here are configuration options available to users with the Copilot owner role:

Screenshot of configuration options in owner settings.

Capacity management

Manage capacity association and geo location evaluation options. Keep in mind, purchasing new security capacity units (SCUs), changing capacity, or associating with a different capacity all require Azure Owner or Contributor access to the capacity resource in the Azure portal.

Screenshot showing capacity association configuration menu.
Figure shows owner setting for associating SCUs.

For more information on purchasing SCUs, see Provision capacity.

Manage plugins

Preinstalled plugins, like ServiceNow and Azure AI Search, require more setup. When the setup includes configuring authentication, the plugin provider determines the type of authentication. Any plugin with the or Set up buttons are configured per user. This means all users, including owners, only configure that plugin for themselves.

Note

Website plugins use anonymous authentication to access content.

The following plugin options are configurable:

  • control whether other roles can add custom plugins for their sessions
  • control whether other roles can publish custom plugins to the tenant
  • control whether all roles can upload files

For more information, see Manage plugins and Add a source by uploading a file.

Manage accessing data from Microsoft 365 services

Allow users to query information from Microsoft 365 services that your organization has licensed. For more information, see Accessing data from Microsoft 365 services.

Manage logging audit data in Microsoft Purview

Manage logging audit data by configuring whether to allow Microsoft Purview to access, process, copy, and store Customer data.

Security Copilot uses Microsoft Purview to process and store data such as admin actions, user actions, and system responses.

In most scenarios, logs are available within 24 hours in Microsoft Purview after enabling the capability.

Important

Microsoft Purview will store your Customer Data in the region where your Microsoft 365 data is stored. For more information, see, Privacy and data security. The default retention period for audit logs is 180 days, but can be extended using audit log retention policies. For more information, see Manage audit log retention policies. If you already use Microsoft Purview, no further set up is needed. Otherwise, you'll need to provision a free, limited experience. For more information, see Turn auditing on or off.

For more information, see Audit logging.

Manage promptbooks

Promptbook creation is available to all roles, including the ability to publish a custom promptbook for the tenant. Choose whether to publish a promptbook for yourself or the tenant at the time of creation.

For more information, see Build your own promptbook.

For more information on authentication in Security Copilot, see Understand authentication in Microsoft Security Copilot.