Skip to main content

Copilot for Security Spectra Analyze Plugin - User Guide

Overview

The ReversingLabs Spectra Analyze plugin for Microsoft Copilot for Security enables security teams to reference file analysis results from their Spectra Analyze appliance while interacting with the AI-powered capabilities of Microsoft Copilot for Security.

Current Features

The Spectra Analyze plugin for Microsoft Copilot for Security currently supports the following features:

  • Retreiving file classification data

  • Summarizing Spectra Core file analysis reports

Plugin Installation

  1. Get your ReversingLabs Spectra Analyze API token.

  2. Sign in to Microsoft Copilot for Security.

  3. Access Manage Plugins by selecting the Plugin button from the prompt bar.

    Screenshot showing the Microsoft Copilot for Security prompt bar

  4. Find the ReversingLabs Spectra Analyze plugin, select "Set Up" to configure and enable it.

    Screenshot showing the Spectra Analyze plugin

  5. In the ReversingLabs settings pane, provide your Spectra Analyze URL and API token.

    Screenshot showing the credential configuration page

  6. Save your changes.

Using the Plugin

After the Spectra Analyze plugin is configured, you can use it by typing ReversingLabs in your Copilot for Security prompt bar, followed by an action. The following table provides several examples you can try:

Skill Prompt SuggestionDescriptionExample natural language prompt
GetFileClassificationThis skill is used to retrieve file hash classification information from a Spectra Analyze appliance.What is the classification of hash a6e728c3331f46763f643f7192959716034767e5?
GetTiCoreReportRetrieve the Spectra Core analysis report for the provided file hash from a Spectra Analyze appliance.Get the TiCore report for hash a6e728c3331f46763f643f7192959716034767e5

Examples

Basic Usage

This example uses the following natural language prompt:

What is the classification of hash a6e728c3331f46763f643f7192959716034767e5?

Screenshot showing the output of a prompt

Advanced Usage

The power of Microsoft Copilot for Security comes from the ability of the assistant to manipulate data. For example, a SOC analyst can take a complex static file analysis report and summarize it in an easy to understand format.

Provide a brief summary of the ReversingLabs TiCore report for sha1 hash a6e728c3331f46763f643f7192959716034767e5

Screenshot showing the output of the file analysis results action