SOCFortress CoPilot Update: Expanding Our AI Chatbot with Threat Intel, Cyber News, Knowledge Base…

SOCFortress CoPilot Update: Expanding Our AI Chatbot with Threat Intel, Cyber News, Knowledge Base & Attack Surface

At SOCFortress, we’ve always believed in pushing the boundaries of what’s possible for security operations. What began as an assistant for your SIEM stack has now evolved into a multi-purpose AI companion. With our latest release of CoPilot, we’re proud to announce expansions to the AI chatbot’s functionality — making it smarter, faster, and more capable than ever before.

Get started with CoPilot: https://github.com/socfortress/CoPilot

In this update, CoPilot can now:

? Deliver actionable Threat Intelligence
? Keep you updated with the latest Cyber News
? Search and summarize your Knowledge Base
? Provide an Attack Surface view of your exposure

In this post, we’ll break down each of these new features, show how they work, and explain how they can transform your security operations.

Threat Intelligence at Your Fingertips

One of the most exciting upgrades is the ability to query threat intelligence data directly inside CoPilot. Instead of leaving your workflow to check multiple external tools, you can now ask CoPilot questions like:

“What is the IP reputation of 185.215.113.75?”
“What analysis can you give about the domain socfortress.co?”

The chatbot returns real-time results — including whether the IP is flagged as malicious, associated with botnet activity, or linked to malware. For domains, you’ll see registrar information, DNS details, and other key data points.

This eliminates the need to pivot between WHOIS, VirusTotal, and other online services. Everything you need is accessible through the CoPilot interface.

Cyber News Summaries

Security moves fast, and staying current is critical. That’s why we’ve integrated cyber news feeds directly into CoPilot. You can ask:

“What are the latest cyber threat headlines?”
“What vulnerabilities were disclosed this week?”

The chatbot fetches and summarizes the most recent developments — whether it’s a SharePoint remote code execution flaw, a SonicWall patch, or the latest evolving RAT campaigns. Each summary includes links to the original sources so you can read further.

No more scrambling across multiple blogs and feeds — CoPilot becomes your daily cyber threat digest.

Knowledge Base Integration

We know that every SOC has its own stack, integrations, and documentation. That’s why we’ve connected CoPilot to the SOCFortress Knowledge Base.

View our Knowledge Base: https://socfortress.supportbench.net/

Now you can query for how-tos and setup guides directly:

“How do I integrate Office 365 API?”
“How can I upgrade CoPilot to the latest release?”

The chatbot not only fetches the relevant KB articles but also summarizes them into digestible steps. You’ll save time digging through documentation and can immediately act on the insights.

We’re committed to expanding our knowledge base, and community feedback is welcome. If there’s a topic you’d like to see covered, let us know!

Attack Surface Insights

Last but not least, we’ve added an attack surface view to CoPilot. This feature allows you to quickly assess whether your organization’s data is exposed in public breaches or other online sources.

You can ask CoPilot to:

Search for breaches related to a domain or email.
Check if a password has appeared in known breach databases.
Investigate potential exposures tied to your services.

For example:

“Search for breaches related to [email protected].”
“Has the password Password123 been exposed?”

This feature makes it easy to identify risks and respond before attackers can exploit them.

Conclusion

These new features make CoPilot more than just an SIEM assistant — it’s now your AI-powered SOC analyst. By centralizing threat intelligence, news, documentation, and exposure checks, analysts can make faster, smarter decisions with less context-switching.

We’re excited to continue building on this foundation and can’t wait to see how security teams leverage CoPilot to strengthen their defenses.

Need Help?

The functionality discussed in this post, and so much more, are available via the SOCFortress platform. Let SOCFortress help you and your team keep your infrastructure secure.

Website: https://www.socfortress.co/