Summary
Key Takeaways
Two billing models: Standalone uses hourly provisioned Security Compute Units (SCUs) at $4/hour (overage $6/hour). E5 inclusion gives you a monthly pool where only actual consumption is deducted.
M365 E5 inclusion: 400 SCUs per month for every 1,000 users, capped at 10,000 SCUs. Announced at Ignite 2025, rolling out in phases with 30 days’ notice. E5 overage billing is not yet available; exceeding the allocation means throttling.
M365 E7 is another route: E7 ($99/user/month, generally available 1 May 2026) includes E5 and therefore carries the same Security Copilot entitlement.
Prerequisites are minimal: You need an Azure subscription (standalone only) and Microsoft Entra ID. No specific security product required, though Security Copilot’s usefulness depends on what telemetry it can access.
Agents and governance: 12 Microsoft-built agents across Defender, Entra, Intune, and Purview, plus partner agents. Agent 365 ($15/user/month) provides governance for agents at scale.
Standalone purchase still available: Not on E5? You can still provision SCUs directly via the Azure portal.
No GCC/DoD support: Security Copilot isn’t available for US government cloud customers. IoT/OT is also not supported.
1. What is Security Copilot?
Security Copilot is Microsoft’s generative AI assistant for security and IT professionals. Unlike Microsoft 365 Copilot, which helps with productivity across Office apps, Security Copilot is built specifically for security operations: investigating threats, analysing incidents, hunting for vulnerabilities, and automating security workflows.
What it does:
Security Copilot gives you insights and recommendations using Microsoft’s threat intelligence, industry best practices, and your own data from Microsoft and partner tools. You can:
Investigate and remediate security threats using natural language queries
Build Kusto Query Language (KQL) queries and analyse suspicious scripts
Understand risks and manage your security posture
Troubleshoot IT issues faster
Define and manage security policies
Configure secure lifecycle workflows
Develop reports for stakeholders
Automate tasks with autonomous agents
Integration points
Security Copilot integrates with and embeds within multiple Microsoft security products:
Product | Role |
|---|---|
Threat protection | |
Microsoft Sentinel | SIEM |
Microsoft Intune | Endpoint management |
Microsoft Entra | Identity and access management |
Microsoft Purview | Data security and compliance |
Microsoft Defender for Cloud | Cloud security posture |
Microsoft Defender Threat Intelligence | Threat intelligence |
Azure Firewall | Network security |
Microsoft Defender External Attack Surface Management | External attack surface |
Security Copilot accesses data from whichever of these products you have deployed. Its usefulness is directly tied to what telemetry it can reach. For more detail on capabilities, see Microsoft’s Security Copilot FAQ.
Language support: The underlying model supports a limited set of languages, while the user interface is available in a broader range. Check the FAQ for the current list. If your security team operates in a language other than English, verify coverage before committing budget.
Standalone vs embedded experiences:
You can use Security Copilot in two ways:
Standalone portal: Go directly to securitycopilot.microsoft.com for comprehensive security investigations and promptbook execution.
Embedded experiences: Copilot capabilities appear directly within Defender, Entra, Intune, and Purview portals, so you get context-aware assistance without switching applications.
2. How Much Does Security Copilot Cost?
Security Copilot uses consumption-based pricing rather than traditional per-user licensing. Costs are measured in Security Compute Units (SCUs).
2.1 What is an SCU?
A Security Compute Unit measures the compute power required to run Security Copilot workloads. You consume SCUs when:
You execute prompts in the standalone portal
You interact with embedded Copilot features in Defender, Entra, Intune, or Purview
Agents perform automated tasks
Promptbooks execute sequences of prompts
Different operations consume different amounts. A simple prompt might consume a fraction of an SCU, while a complex incident summarisation or multi-step investigation consumes more.
Billing for preview features: Public preview and GA features consume SCUs. Private preview features do not. When budgeting, check which capabilities you plan to use are still in private preview, because those won’t cost you anything until they graduate to public preview or GA.
Token limit risk: Large prompts, long sessions, or verbose plugin output can overflow the token space. When that happens, Security Copilot attempts mitigations but may stop processing the request entirely. The SCUs consumed during such a session are not refunded. In practical terms, a complex investigation that hits the token ceiling still costs you capacity with no usable output.
2.2 Pricing Model
Security Copilot operates on a dual-capacity model: provisioned capacity for predictable workloads, and overage capacity for demand spikes.
Capacity Type | Rate | Billing |
|---|---|---|
Provisioned SCUs | $4/SCU/hour | Billed monthly based on hourly provisioning |
Overage SCUs | $6/SCU/hour | Billed only when used |
How billing works:
Provisioned capacity is billed by the hour. If you provision 4 SCUs, you pay $16/hour ($4 x 4) regardless of actual consumption, as long as you stay within that capacity.
Overage kicks in when you exceed your provisioned SCUs within an hour. You pay $6 per overage SCU consumed, up to your configured overage limit.
Billing is calculated in hourly blocks.
Example calculation:
You have 4 provisioned SCUs with an overage limit of 6 SCUs.
Scenario 1: You execute a prompt that consumes 3 SCUs and use incident summarisation in Defender, which consumes 0.5 SCU. Total: 3.5 SCUs. You’re charged for 4 provisioned SCUs at $4 each: $16 for that hour.
Scenario 2: Same hour, you also run a promptbook consuming another 3.2 SCUs, bringing total hourly consumption to 7.2 SCUs. You're charged for 4 provisioned SCUs ($16) plus 3.2 overage SCUs at $6 each ($19.20): $35.20 for that hour.
2.3 E5 Inclusion Billing Works Differently
The provisioned and overage model described above applies to standalone purchases. If you're on Microsoft 365 E5, your included capacity uses a fundamentally different billing approach.
Under the standalone model, you pay for provisioned SCUs every hour whether you use them or not. The E5 inclusion model gives you a monthly pool instead, and only actual consumption is deducted from it. The cost values shown in the Security Copilot dashboard for E5 included capacity are informational only and do not represent charges.
Under provisioned billing, running 5 SCUs for 2 hours costs you 10 SCUs regardless of how much compute you actually consumed. Under E5 inclusion, the same workload might deduct only 3.5 SCUs from your monthly pool, because you're billed for what you used, not what you reserved.
E5 customers who need more capacity than their allocation provides can also run both models at the same time. You can provision additional standalone SCUs alongside your E5 inclusion capacity. The two pools operate independently.
For full details on E5 inclusion, including allocation sizes and rollout timeline, see Section 3.
2.4 Provisioned Capacity Limits
Maximum provisioned capacity: 100 SCUs
Microsoft recommends starting with 3 SCUs for evaluation, with overage set to unlimited
2.5 Estimating Costs
Microsoft provides an SCU capacity calculator to estimate usage based on:
Number of monthly users per experience (Defender, Intune, Purview, Entra, standalone)
Automation through Logic Apps and Promptbooks
The calculator shows maximum expected SCUs per hour and displays combinations of provisioned and overage SCUs with corresponding monthly cost ranges. You’ll need an Azure account to access it.
The estimation challenge:
Unlike per-user licensing, SCU consumption is inherently unpredictable. It depends on:
How many prompts your team executes
Complexity of prompts and investigations
Use of automated workflows and agents
Volume of incidents requiring AI-assisted analysis
For current rates, see Microsoft’s Security Copilot pricing page.
3. Microsoft 365 E5 Inclusion
At Ignite 2025 (November 2025), Microsoft announced that Security Copilot would be included with Microsoft 365 E5 at no additional cost. The inclusion is being rolled out in phases (see Section 3.2 below).
Microsoft 365 E7 ($99/user/month, GA 1 May 2026) bundles E5 with Microsoft 365 Copilot, Entra Suite, and Agent 365. Because E7 includes E5, it carries the same Security Copilot entitlement. Whether E7 customers will need to wait for the same phased activation or will receive Security Copilot immediately at E7 GA is not yet confirmed by Microsoft.
3.1 What’s Included
Aspect | Detail |
|---|---|
SCU allocation | 400 SCUs per month for every 1,000 paid user licences |
Maximum allocation | 10,000 SCUs per month (regardless of user count) |
Scaling | Pro-rata for fewer than 1,000 users |
Rollover | SCUs don’t roll over; allocations reset monthly |
Allocation examples:
400 users = 160 SCUs/month (400 x 0.4)
1,000 users = 400 SCUs/month
4,000 users = 1,600 SCUs/month
25,000+ users = 10,000 SCUs/month (cap applies)
3.2 Rollout Timeline and Activation
Customer Type | Timing |
|---|---|
Existing Security Copilot customers with M365 E5 (as of 18 Nov 2025) | Available immediately |
All other M365 E5 customers | Phased rollout over coming months; 30-day advance notification |
New M365 E5 purchasers | Same phased timeline; buying E5 today does not grant immediate Security Copilot access |
An important distinction: having an eligible E5 licence does not automatically mean you have access. Security Copilot must be rolled out to your tenant first. Microsoft sends a 30-day advance notification, and your tenant is auto-provisioned after that period ends. If you’re planning a security operations project around Security Copilot, account for this activation delay.
There is no minimum E5 user count required. All customers with Microsoft 365 E5 licences qualify regardless of how many seats they have. Conversely, Microsoft Sentinel customers without E5 do not qualify, even though Sentinel is one of the most prominent Security Copilot integration points.
What auto-provisioning configures:
When your tenant is activated, Microsoft preselects several settings on your behalf:
The geography where customer data (prompts and responses) is stored
The GPU processing location
Data sharing is turned off by default. If you leave it off, your organisation will not be able to use Security Copilot with Microsoft 365 products such as Microsoft Purview. Review this setting early.
Default roles that inherit Security Copilot owner and contributor access
Activation notifications go to Global Administrators, Message Centre Readers, Security Admins, Purview Compliance Admins, and Intune Admins.
If you're an existing Security Copilot customer: Microsoft recommends that you do not delete the capacity you previously provisioned. Retain it to ensure uninterrupted access during the transition to E5 inclusion.
Don't cancel existing Security Copilot capacity before your E5 inclusion is activated. There's a gap between eligibility and access, and Microsoft explicitly warns against it.
3.3 What’s Covered
Core experiences (included): | Not covered: |
|---|---|
✅ All chat, promptbook, and agentic scenarios across Entra, Intune, Purview, Defender, and the standalone portal | 🔴 Sentinel data lake compute or storage costs |
✅ Sentinel scenarios if you also use Sentinel (apply your included SCU allocation) | 🔴 Non-agentic Data Security Investigations in Purview |
✅ Developer experiences: Agent Builder and APIs for creating custom agents, promptbooks, and integrations via Model Context Protocol (MCP) and Graph APIs | 🔴 Azure Logic Apps charges when used with Security Copilot |
✅ Partner-built agents: SCU costs included (until further notice) | 🔴 Partner agent licensing fees (you buy those separately via Security Store; SCU consumption is included, but partner licences aren’t) |
— | 🔴 Prerequisites for agents that need products outside M365 E5 |
3.4 Exceeding the Allocation
As of March 2026, there is no overage billing for E5 included capacity. If you exhaust your monthly SCU allocation, analysts will see an error message stating that Security Copilot can’t respond to requests due to high usage. They will not be able to submit more prompts until more capacity becomes available in the next hour.
In practical terms, the E5 inclusion operates as a hard cap, not a soft cap. There is no automatic overflow into paid overage. Microsoft has stated that pay-as-you-go overage at $6 per SCU will become available "at a future date", with 30 days’ notice before activation. Until then, exceeding the allocation means throttling, not a bill.
If your usage consistently exceeds the allocation, you can provision additional standalone SCUs separately (see Section 2.3).
3.5 Comparison with Standalone Purchase
Aspect | M365 E5 Inclusion | Standalone Purchase |
|---|---|---|
Base cost | Included with E5 subscription | $4/SCU/hour provisioned |
SCU allocation | 400 per 1,000 users (max 10,000) | As provisioned |
Overage | Hard cap; throttled (pay-as-you-go at $6/SCU coming) | $6/SCU/hour |
Billing model | Monthly pool; only actual consumption deducted | Hourly blocks; billed whether used or not |
Azure subscription required | No (for included capacity) | Yes |
Manual provisioning | Not needed | Required |
If you’re not on M365 E5: Standalone purchase remains available. If you’re considering upgrading to E5 primarily for Security Copilot, do the maths first: calculate whether the SCU value justifies the E5 premium over your current licensing. Note that E5 currently costs $57/user/month, increasing to $60/user/month from 1 July 2026. For full details on the E5 inclusion, see Microsoft’s Security Copilot E5 documentation.
4. Licensing Requirements
Requirement | Detail |
|---|---|
Azure subscription | Required for standalone purchase; not required for M365 E5 inclusion |
Microsoft Entra ID | Required for user authentication |
Security product licences | Not mandatory, but integration value depends on what you’ve deployed |
Availability | Commercial cloud only; not available for GCC, GCC High, DoD, or Azure Government |
IoT/OT | |
Tenant/subscription transfers | Not supported; no migration path between tenants |
You don’t need Defender, Sentinel, or any specific Microsoft security product to use Security Copilot.
Authentication model: Security Copilot uses on-behalf-of authentication to access security data through active Microsoft plugins. It inherits the signed-in user’s access scope, so the data Security Copilot can reach depends on what that user is authorised to see. For organisations in regulated industries, factor this into your data access and compliance evaluation.
Tenant transfers: The lack of tenant or subscription transfer support deserves emphasis. If you provision Security Copilot capacity in the wrong tenant, there is no way to move it. Combined with the fact that deleting capacity is permanent and irreversible (see Section 6.6), a wrong-tenant deployment is a write-off. Verify your tenant before provisioning.
For technical setup details, see Microsoft’s Getting Started with Security Copilot.
5. Security Copilot Agents
At Ignite 2025, Microsoft added agent capabilities to Security Copilot.
5.1 What Are Agents?
Agents are autonomous AI assistants that perform security tasks without continuous human prompting. They can triage alerts, optimise policies, and remediate issues. You retain oversight; you can review, approve, or override their actions.
5.2 Available Agents
Microsoft-built agents (12 in preview): | ➤ Defender: Phishing Triage, Alert Triage, Threat Intelligence, Natural Language Threat Hunting ➤ Entra: Conditional Access Optimisation, Risky User Remediation, Access Review, App Lifecycle Management ➤ Intune: Policy Configuration, Change Assessment, Device Removal ➤ Purview: Data Security Posture, Data Security Alert Triage |
Partner-built agents: | Available via the Microsoft Security Store. |
Custom agents: | You can build your own. |
5.3 Agent Licensing
All agent usage consumes SCUs like other Security Copilot features
On M365 E5, agent SCU consumption counts against your included allocation
Partner agents may need separate licensing from the partner; SCU costs are included in E5 entitlements (subject to change)
Agent governance: Agent 365 ($15/user/month, GA 1 May 2026) extends Microsoft Entra, Purview, and Defender governance to AI agents, including Security Copilot agents. Agents can receive Entra agent IDs, be registered in a central Agent Registry, and fall under Defender detection for prompt manipulation and agent-based attack chains. If you're deploying Security Copilot agents at scale, Agent 365 is the governance layer Microsoft expects you to use.
6. Managing Usage and Costs
6.1 Usage Monitoring Dashboard
The Security Copilot usage dashboard tracks consumption across several data dimensions: Session ID, Date, Units used, Initiated by, Category (Prompt, Promptbook, or Agent), Type (Manual or Automated Action), Copilot experience (Standalone, Embedded, or Logic Apps), Plugin used, and Status. Up to 90 days of historical data is available.
The Agent category is a recent addition, allowing you to distinguish SCU consumption driven by autonomous agents from manual prompts and promptbook executions. If you’re running agents alongside human analysts, this distinction is essential for understanding where your capacity is going.
The dashboard supports filtering and data export. One limitation to be aware of: filters currently apply only to the table view, not the bar chart.
6.2 Adjusting Capacity
You can modify capacity at any time via:
Security Copilot portal: Owner settings, then Change units
Azure portal: Microsoft Security compute capacities
Users can expect capacity adjustments to take effect within 30 minutes. Billing is calculated on hourly blocks.
Updating SCUs via the Security Copilot portal requires both an Azure capacity owner or contributor role and a Security Copilot owner role. If your Azure admin and your security operations lead are different people, both need to be involved.
6.3 Setting Overage Limits
For standalone customers, you can set overage limits from 0 to 999 SCUs:
Unlimited overage (Microsoft’s recommendation for uninterrupted operations)
Specific cap (e.g., maximum 10 overage SCUs per hour; upper limit is 999)
Zero overage (operations throttled when provisioned capacity runs out)
When an analyst is nearing the capacity limit, a notification is displayed in response to their prompt, telling them to contact the Azure capacity owner. These notifications also appear in embedded experiences. When the limit is exceeded, analysts see an error message stating that Security Copilot can’t respond to requests due to high usage, and they cannot submit further prompts until capacity becomes available in the next hour.
6.4 Cost Control Strategies
If you’re on standalone | If you’re on M365 E5 |
|---|---|
Start with Microsoft’s recommended 3 SCUs with unlimited overage | Monitor consumption against your included allocation |
Monitor actual usage patterns for 1-2 months | Review the dashboard weekly during initial rollout |
Adjust provisioned capacity to align with typical consumption | If you’re consistently approaching the cap, consider whether additional standalone SCUs are justified |
Set overage limits based on acceptable cost variability | Track which agents and promptbooks consume the most capacity |
6.5 Workspaces
Security Copilot supports multiple workspaces within a tenant. Each tenant must provision a minimum of one SCU, which enables access to at least one Workspace. Workspaces allow you to designate access, assign capacity, configure specific plugins, deploy agents, and add promptbooks per team or group.
How SCU sharing works depends on the capacity model:
E5 inclusion capacity is tenant-wide. The default Security Copilot capacity is shared across all users and experiences in the tenant. You cannot restrict E5 included SCUs to specific workspaces or teams.
Provisioned and overage workspace capacity is not shared. SCUs, whether Provisioned or Overage, can’t be shared between Workspaces. If your organisation has Workspace A with 1 provisioned and 3 overage SCUs, and Workspace B with 2 provisioned and 5 overage, Workspace A cannot draw on Workspace B’s capacity.
The practical implication: if you need departmental budget isolation for Security Copilot spend, provisioned workspaces give you that. E5 included capacity does not. For more, see Microsoft's Managing Security Copilot Usage.
If you need per-department cost tracking for Security Copilot, you must use provisioned workspaces. E5 included capacity is tenant-wide with no way to attribute costs to specific teams.
6.6 Offboarding and Capacity Deletion
Deleting capacity and internal data is permanent and cannot be undone. The operation requires the Security Administrator role. If you need to export data before deletion, you must contact Microsoft support; there is no self-service export.
Combined with the lack of tenant transfer support (see Section 4), a capacity deployment cannot be moved, and once deleted, cannot be recovered.
7. Integrations and Plugins
7.1 Microsoft Integrations
Security Copilot integrates with Microsoft products through built-in plugins. When enabled, Copilot can query data from these products and provide grounded responses.
Product | Capabilities |
|---|---|
Microsoft Defender XDR | Incident investigation, alert triage, threat hunting |
Microsoft Sentinel | Log analysis, KQL generation, incident correlation |
Microsoft Intune | Device compliance, policy analysis, troubleshooting |
Microsoft Entra | Identity risk assessment, Conditional Access analysis |
Microsoft Purview | Data classification, compliance posture |
Microsoft Defender for Cloud | Cloud security posture, vulnerability management |
Microsoft Defender Threat Intelligence | Threat actor profiles, indicator analysis |
Azure Firewall | Traffic analysis, rule recommendations |
Note: These products must be licensed and deployed separately. Security Copilot doesn’t include licences for them.
7.2 Microsoft Defender Threat Intelligence
Security Copilot includes access to Defender Threat Intelligence (Defender TI) at no extra cost:
Tenant-level Defender TI premium workbench access
Intel profiles, threat analysis, and internet data sets
All content and data for context on activity groups, tooling, and vulnerabilities
Exclusion: The Defender TI API remains separately licensed. Security Copilot access doesn’t include API rights.
7.3 Partner and Custom Plugins
Security Copilot supports non-Microsoft plugins for third-party integrations. Many partners have published plugins and agents in the Microsoft Security Store.
You can develop custom plugins using the Security Copilot API to extend capabilities to your own systems.
7.4 Connectors
Connectors let you invoke Security Copilot from automation workflows:
Logic Apps connector: Supports two actions: "Submit a Security Copilot prompt" and "Submit a Security Copilot promptbook"
Copilot Studio connector: Supports two actions: "Submit a Security Copilot prompt" and "Fetch a Security Copilot prompt status"
Note that the Logic Apps connector can submit promptbooks directly, while the Copilot Studio connector cannot. If your automation workflows depend on promptbook execution, Logic Apps is the integration point.
8. Licensing Scenarios
Scenario 1: Large Enterprise with M365 E5 |
|---|
Situation: 10,000 employees on Microsoft 365 E5, using Defender XDR and Sentinel. Included capacity: 4,000 SCUs/month (10,000 users x 0.4 = 4,000; under the 10,000 cap) |
What to do: Use your included capacity for security operations centre (SOC) operations. Monitor usage; if you're consistently near the cap, decide whether to wait for pay-as-you-go overage or provision additional standalone SCUs. |
Scenario 2: Mid-Size Organisation with M365 E5 |
|---|
Situation: 2,500 employees on Microsoft 365 E5, primarily using Defender and Intune. Included capacity: 1,000 SCUs/month |
What to do: Your included capacity should support moderate usage. Enable agents for alert triage and Conditional Access optimisation. Track consumption monthly. |
Scenario 3: Small Organisation with M365 E5 |
|---|
Situation: 200 employees on Microsoft 365 E5. Included capacity: 80 SCUs/month (200 x 0.4) |
What to do: Limited capacity means you should use it for targeted investigations rather than high-volume automation. Focus on the use cases that deliver most value within your allocation. |
Scenario 4: Organisation without M365 E5 |
|---|
Situation: 1,000 employees on Microsoft 365 E3, using Sentinel and Defender. |
Options: 1. Standalone Security Copilot: Provision SCUs via Azure. Start with 3 provisioned SCUs ($4 x 3 x 730 hours ~ $8,760/month) plus overage as needed. 2. Upgrade to M365 E5: E5 currently costs $57/user/month, increasing to $60/user/month from 1 July 2026. For 1,000 users, that’s $57,000/month now or $60,000/month after July. The Security Copilot inclusion alone doesn’t justify this upgrade. Only makes sense if E5’s other features (Defender P2, eDiscovery Premium, Audio Conferencing) also provide value. 3. Consider M365 E7: Microsoft 365 E7 at $99/user/month (GA 1 May 2026) bundles E5 with Microsoft 365 Copilot, Entra Suite, and Agent 365. If you need multiple products from that bundle, E7 may be more cost-effective than assembling them individually. Security Copilot inclusion comes with E7 because it includes E5. |
Scenario 4: Organisation without M365 E5 |
|---|
Situation: 1,000 employees on Microsoft 365 E3, using Sentinel and Defender. |
Options: 1. Standalone Security Copilot: Provision SCUs via Azure. Start with 3 provisioned SCUs ($4 x 3 x 730 hours ~ $8,760/month) plus overage as needed. 2. Upgrade to M365 E5: E5 currently costs $57/user/month, increasing to $60/user/month from 1 July 2026. For 1,000 users, that's $57,000/month now or $60,000/month after July. The Security Copilot inclusion alone doesn't justify this upgrade. Only makes sense if E5's other features (Defender P2, eDiscovery Premium, Audio Conferencing) also provide value. 3. Consider M365 E7: Microsoft 365 E7 at $99/user/month (GA 1 May 2026) bundles E5 with Microsoft 365 Copilot, Entra Suite, and Agent 365. If you need multiple products from that bundle, E7 may be more cost-effective than assembling them individually. Security Copilot inclusion comes with E7 because it includes E5. |
Scenario 5: Managed Security Service Provider (MSSP) Managing Multiple Customers |
Situation: Managed security service provider using Security Copilot across customer tenants. |
The fundamental constraint: There is no Cloud Solution Provider (CSP) or reseller multitenant model for MSSPs. You cannot buy SCUs wholesale and distribute them across customers. Each customer is responsible for purchasing their own SCUs and granting MSSPs the necessary access. |
Access methods: Microsoft documents three ways for MSSPs to access customer Security Copilot environments: ➤ Azure Lighthouse is supported for invoking Sentinel-based skills from the partner tenant, but scoped to a single customer's Microsoft Sentinel Workspace at a time. You cannot query multiple customer workspaces simultaneously. When using Lighthouse, the capacity plan (SCUs) used is the partner tenant's capacity plan, not the customer's. Budget accordingly. ➤ Business-to-Business (B2B) Collaboration / Guest Accounts provide guest access in the customer's tenant. ➤ Granular Delegated Admin Privileges (GDAP) enable delegated administration from Partner Center. |
Infrastructure note: The MSSP SOC solution does not need to be hosted on Azure, though Microsoft recommends it. |
Cost implications for MSSPs: If you're using Lighthouse, your own SCUs are consumed when querying customer environments. If the customer has M365 E5 with Security Copilot included, that allocation only applies to their tenant, not to your partner tenant's consumption. Plan your SCU provisioning to account for customer-facing workloads. |
9. What’s the Relationship to Microsoft 365 Copilot?
Security Copilot and Microsoft 365 Copilot are separate products with different purposes, pricing models, and licensing.
Aspect | Security Copilot | Microsoft 365 Copilot |
|---|---|---|
Purpose | Security operations | Productivity across Office apps |
Pricing model | Consumption-based (SCUs) | Per-user licensing ($30/user/month) |
Integrations | Defender, Sentinel, Intune, Entra, Purview | Word, Excel, PowerPoint, Outlook, Teams |
Data access | Security telemetry, threat intelligence | Microsoft Graph (emails, files, meetings) |
Target users | SOC analysts, security admins, IT admins | Knowledge workers |
M365 E5 inclusion | Yes (400 SCUs per 1,000 users) | No (separate purchase required) |
You can deploy both. The licences are additive, not interchangeable.
10. Frequently Asked Questions
How much does Security Copilot cost?
For standalone purchases, provisioned SCUs cost $4 per hour and overage SCUs cost $6 per hour. If you're on M365 E5, you receive 400 SCUs per month for every 1,000 users at no additional cost, up to 10,000 SCUs per month.
Is Security Copilot included with M365 E5?
Yes. Microsoft announced this at Ignite 2025. Rollout began 18 November 2025 for existing Security Copilot customers with M365 E5. Everyone else on E5 will be activated over the coming months with 30 days’ notice.
What if I exceed my included SCU allocation?
As of March 2026, exceeding the E5 included allocation means throttling, not a bill. Analysts will see an error and cannot submit prompts until capacity resets in the next hour. Microsoft has stated that pay-as-you-go overage at $6 per SCU will become available at a future date, with 30 days’ notice.
Do I need Defender or Sentinel to use Security Copilot?
No. There are no specific security product prerequisites.
What’s an SCU?
A Security Compute Unit measures compute power for Security Copilot workloads. Different operations consume different amounts. A simple prompt might consume a fraction of an SCU; complex investigations consume more.
Can SCUs be shared across workspaces?
It depends on the capacity model. E5 included capacity is shared across the entire tenant and cannot be restricted to specific workspaces. Provisioned and overage workspace capacity works differently, because SCUs cannot be shared between workspaces. If Workspace A has 3 SCUs and Workspace B has 5, they draw from separate pools.
Is Security Copilot available in GCC or government clouds?
No, Security Copilot is only available in commercial cloud environments and is not available for GCC, GCC High, DoD, or Azure Government.
What are Security Copilot agents?
Autonomous AI assistants that perform security tasks without continuous human prompting. Microsoft introduced 12 new agents at Ignite 2025 across Defender, Entra, Intune, and Purview, plus partner-built agents available via the Security Store.
How do I estimate how many SCUs I need?
Use Microsoft’s capacity calculator. It provides estimates based on user counts, workloads, and automation usage. Microsoft recommends starting with 3 provisioned SCUs for evaluation.
11. Recent Changes
Date | Change |
|---|---|
March 2026 | M365 E7 announced ($99/user/month, GA 1 May 2026), includes E5 and therefore Security Copilot; Agent 365 governance layer announced; E5 inclusion billing model clarified as consumption-based monthly pool (distinct from hourly provisioned model); workspace capacity isolation confirmed for provisioned SCUs |
November 2025 (Ignite) | Security Copilot included with M365 E5; 12 new Microsoft-built agents; partner agents via Security Store |
April 2025 | Overage SCUs generally available; usage monitoring dashboard enhanced |
April 2024 | Security Copilot reached general availability with consumption-based pricing |
Need Help?
Microsoft often changes their licensing and pricing rules. If you need help evaluating the M365 E5 inclusion, forecasting Security Copilot costs, or understanding your options, get in touch. We don’t sell Microsoft licences or cloud services, so our advice is independent.