Security Copilot in Microsoft 365 E5: What April 20 Changes
Two cost barriers have blocked Security Copilot from broad SOC adoption since GA. The $4/SCU provisioning model made pilots look expensive, and the friction of getting Azure subscription approval to stand up capacity killed momentum before teams could prove value. Both vanished for Microsoft 365 E5 customers on January 1, 2026.
On April 20, Microsoft begins the broad rollout of Security Copilot as an included benefit for every M365 E5 tenant. 400 SCU per month for every 1,000 paid user licenses, up to 10,000 SCU. Auto-provisioned. Zero-click. The official rollout started November 18, 2025 for existing Security Copilot customers on E5, and the broad wave kicks off April 20 for everyone else.
This is the biggest single licensing change in Microsoft Security since Defender XDR consolidated into one portal. Here’s what it changes, what it doesn’t, and what your team should do the week your tenant activates.
What Happened
Microsoft updated the Product Terms effective January 1, 2026, adding Security Copilot to the Microsoft 365 E5 entitlement. The rollout happens in two waves.
Wave 1 started November 18, 2025. Existing Security Copilot customers who also held M365 E5. No provisioning changes required. Their existing capacity stays in place.
Wave 2 starts April 20, 2026. All remaining M365 E5 tenants get auto-provisioned capacity on a rolling basis, with a 30-day advance notification.
The SCU math you need to remember:
400 SCU per month for every 1,000 paid user licenses
Scales below 1,000 users. 400 users = 160 SCU. 100 users = 40 SCU.
Capped at 10,000 SCU per month regardless of tenant size
Monthly reset, no rollover. Unused SCU evaporates each month.
Overage at $6 per SCU pay-as-you-go, with 30-day advance notice before throttling
Auto-provisioning sets up a default workspace and tenant-wide Default Security Copilot Capacity. This capacity can’t be modified. It’s shared across all users and experiences in the tenant.
What’s Included and What Isn’t
The inclusion covers the full Security Copilot surface area:
Chat and promptbooks across Defender, Entra, Intune, Purview, and the standalone portal
Every agent Microsoft ships across those five surfaces
Agent Builder, MCP, and Graph APIs for building custom agents
Partner-built agent SCU costs for now, though Microsoft flagged this could change
What’s not included:
Microsoft Sentinel data lake compute and storage
Non-agentic Data Security Investigations in Purview
Azure Logic Apps consumption tied to Security Copilot workflows
Partner agent licensing fees sold via the Security Store
Product prerequisites that live outside the E5 stack
One clarification that matters. Microsoft Sentinel customers who don’t carry M365 E5 are excluded. Microsoft drew the line at the E5 bundle, not the Sentinel SKU. This is a push to consolidate.
Why It Matters
The cost objection is the headline. For 18 months, I’ve watched CISOs and IT Directors kill Security Copilot proposals because the provisioned billing model ($4/SCU/hour) made the pilot look expensive and the scale-out look reckless. That conversation is done for anyone already carrying E5.
The cost story isn’t the whole story. Three second-order effects matter more.
Agentic AI becomes the default interface, not a premium feature. Microsoft isn’t bundling a product. They’re positioning Security Copilot as the connective tissue across Defender, Entra, Intune, and Purview. Every workflow gets an agent. Product teams now have a reason to treat agents as first-class experiences instead of paywalled add-ons.
E5 becomes the AI-native security bundle. Sentinel-only customers get nothing. Defender standalone customers get nothing. Organizations that bought the E5 bundle for the compliance and identity stack now get agentic AI thrown in, while organizations that bought Sentinel standalone lost a strategic advantage. Expect sales motions to shift.
The SCU allocation is real, but it isn’t infinite. 400 SCU per 1,000 users works out to 0.4 SCU per user per month. In practice, a single SOC analyst running incident summarization and phishing triage against KQL can burn through allocation in days. Teams that treat this as unlimited will hit the overage cliff and get throttled.
What You Should Do
The week your tenant gets notified, a 30-day countdown starts. Run through these steps in order.
Confirm activation date and owner
Your Global Administrator, Security Admin, or Purview Compliance Admin gets the Message Center notification. In-product banners appear in Defender, Purview, Entra, Intune, and the standalone Security Copilot portal.
Assign an owner. Someone needs to own Security Copilot the way someone owns Defender or Sentinel. Split ownership between security and IT creates the same dysfunction you see in every E5 rollout that went sideways.
Review the default provisioning settings
Auto-provisioning preselects several settings you need to review:
Data geography for customer prompts and responses
GPU processing location
Customer data sharing preferences (off by default, good)
Access to Microsoft 365 service data (on by default, review against your data handling policy)
Default owner and contributor roles
Don’t skip this. If your data residency commitments require EU processing and the auto-provisioned default is US, you’ll be explaining that to the DPO.
Deploy the highest-ROI, lowest-SCU agents first
SCU consumption varies by agent. Start with scenarios where the value per SCU is obvious:
Phishing triage in Defender for Tier 1 analyst productivity
Conditional Access optimization in Entra to find stale or overpermissive policies
Access reviews in Entra to turn a quarterly chore into a continuous control
Alert classification in Defender XDR to reduce noise before a human touches it
Skip agent deployments that require product prerequisites outside E5 (for example, anything that needs Defender for Cloud Apps as a gate). Those consume cycles without delivering value while you sort out licensing.
Instrument SCU consumption from day one
The in-product usage dashboard in the Security Copilot standalone portal tracks SCU consumption by capacity, experience, and agent. Check it weekly for the first month. You want to know:
Which agents consume the most SCU
Whether any single user or automation is dominating consumption
How close you’re trending to the monthly cap
Don’t wait for Microsoft to tell you you’re overconsumed. Know your burn rate before the 30-day overage notification arrives.
Plan the overage conversation before you need it
If your SOC deploys Security Copilot agents at scale, you’ll exceed allocation. Decide now whether you’ll:
Pay the $6/SCU pay-as-you-go rate and treat it as variable cost
Throttle and accept degraded agent availability
Prune low-value agents to stay under cap
My recommendation for most teams: budget for 20-30% overage from month two. If your team uses the tool, $6/SCU is cheap at the scenarios that matter.
Where is Microsoft heading with this?
Security Copilot is the interface. That’s the strategic play.
The standalone SKU sticks around for non-E5 customers, but expect it to feel like a legacy product. Microsoft’s investment is going into embedded experiences: agents that live inside Defender, Entra, Purview, and Intune. Every major security product roadmap now includes an agent delivery. That trajectory is clear from the Ignite 2025 agent announcements and the cadence of agent releases since.
The broader move. Microsoft is positioning E5 as the bundle where AI-assisted security is ambient. Not a feature to configure. Not a SKU to justify. The default way work happens.
This also re-prices Sentinel. If you run Sentinel as your SIEM without E5, you don’t get Security Copilot. The organization next door with E5 gets AI-assisted hunting, triage, and investigation built in. The competitive dynamic shifts. Expect Microsoft to make the Sentinel + E5 combo the path of least resistance and let Sentinel standalone fade as an AI platform.
For partners and MSSPs building on Microsoft Security, the agent-building economy just grew. Partner-built agents ride on customer SCU allocation. Agent Builder and the MCP/Graph APIs are production-ready. If you haven’t started building custom agents, the activation window is your opening.
My Assessment
This is a real unlock, not a marketing bundle. Microsoft gave up meaningful revenue to accelerate adoption of a product they believe will define the future of their security stack. They don’t do that without conviction.
The question for your team isn’t whether to adopt. It’s whether you’ll use the activation window to change how your SOC operates, or whether you’ll turn it on, burn through the allocation on random experimentation, and let it fade.
Treat April 20 as the start of a 90-day adoption sprint. Three agents in production. Consumption instrumented. A go or no-go call on standing up a custom agent of your own by end of Q2.
Microsoft is done making Security Copilot a budget question. The question now is whether your team is ready to operate at the pace of agents.
Source: Learn about Security Copilot for Microsoft 365 E5 customers
Caleb McDowell is a Microsoft Security evangelist and highly certified practitioner. He runs a Microsoft Security Services practice helping organizations deploy and operationalize the Microsoft E5 security stack. Follow on LinkedIn or subscribe at calebamcdowell.substack.com.