Security Insights Now Available in the ASPX Copilot Tab: A New Era of Partner-Driven Security Intelligence

Microsoft has quietly shipped a capability that could fundamentally change how Cloud Solution Provider (CSP) partners engage with customers on security: security insights powered by Copilot are now available directly within the ASPX (Actionable Sales Performance Experience) tab in Partner Center.

Announced June 9, 2026, this integration merges Microsoft's security analytics engine with the partner-facing growth platform — creating a unified view where sales performance and security posture coexist. For Cloud Factory partners, this is more than a UI update. It is a new revenue signal sitting inside the tool you already use every day.

What Is ASPX and Why Does It Matter?

The Actionable Sales Performance Experience (ASPX) is Partner Center's analytics hub for partners enrolled in the Microsoft AI Cloud Partner Program. It provides:

- Revenue growth metrics across solution areas
- Customer acquisition and deployment health indicators
- Subscription trend analysis
- Performance benchmarking against Solutions Partner designation requirements

ASPX has always been the place where partners go to understand how their business is performing. Now, with the addition of security insights in the Copilot tab, it is also becoming the place where partners understand how secure their customers are.

What the New Security Insights Show

The Copilot-powered security tab within ASPX surfaces intelligence that was previously scattered across multiple Microsoft portals — Defender XDR, Microsoft Secure Score, Entra ID reports, and compliance dashboards.

Key insights now visible include:

Customer Security Posture Overview

A consolidated view of security health across your managed customer tenant base. This includes:

- Microsoft Secure Score trends — Is the customer's security posture improving or declining over time?
- Unprotected endpoints — Which customers have devices not enrolled in Microsoft Defender for Endpoint?
- Identity gaps — Which tenants lack MFA enforcement, conditional access policies, or Entra ID P2 features?
- Data protection status — Are Data Loss Prevention (DLP) policies deployed across Exchange, SharePoint, and Teams?

Threat Exposure Indicators

Copilot analyzes aggregated — and anonymized — threat intelligence across your customer portfolio to highlight:

- Industries or geographies facing elevated attack volumes
- Common misconfigurations across multiple tenants
- Recommendations for security SKU upgrades (e.g., moving from Microsoft 365 E3 to E5 for advanced threat protection)

Revenue-Aligned Recommendations

This is where ASPX becomes a true sales enabler. Security insights are presented alongside quantified upgrade paths:

- "Customer X is at 73% Secure Score. Upgrading to Microsoft 365 E5 would unlock Defender for Endpoint, Purview Information Protection, and Entra ID P2. Estimated monthly uplift: €Y"
- "3 customers in your portfolio have unprotected endpoints. Microsoft Defender for Business add-on is eligible for the current promotion."

Why This Integration Is Strategically Significant

1. Security Is No Longer a Separate Conversation

Traditionally, security sales required partners to pull data from Defender XDR, Entra admin centers, and compliance portals — then manually correlate it with licensing data. The ASPX Copilot tab does this correlation automatically, presented in the same interface where partners already track revenue growth.

The implication: Security becomes a natural extension of the quarterly business review, not a separate, interruptive conversation.

2. Copilot Validates the Upgrade Business Case

When Copilot generates a recommendation like "Upgrading Customer Y to E5 would increase their Secure Score by an estimated 22 points," that recommendation carries the weight of Microsoft's own analytics engine. It is not a partner making a sales pitch — it is Microsoft's AI affirming the customer's security need.

For Cloud Factory partners, this is a powerful narrative tool: "According to Microsoft's Copilot analysis within Partner Center, your current security posture has the following gaps, and here is the specific SKU path to address them."

3. Portfolio-Wide Security Visibility

A partner with 200 customers cannot manually review the security posture of each tenant every month. The ASPX security insights solve this by providing:

- Top 10 customers by security risk — Prioritize outreach to the most exposed accounts
- Security coverage gaps by SKU tier — Identify which customers are on Business Premium (partial security) vs. E5 (comprehensive security)
- Compliance readiness indicators — NIS2, GDPR, and ISO 27001 alignment scores where applicable

Practical Application for Cloud Factory Partners

Here is how a typical Cloud Factory partner can operationalize this new capability:

Weekly playbook:

  1. Monday: Log in to Partner Center → ASPX → Copilot tab → Review Security Insights
  2. Identify the top 5 customers with the largest security gaps and highest upgrade revenue potential
  3. Schedule security-focused QBRs with those customers
  4. Before each meeting, export the specific Copilot recommendations for that customer
  5. During the QBR, present Microsoft's own analysis alongside a Cloud Factory implementation proposal
Monthly playbook:
  1. Export the portfolio-wide security posture report
  2. Cross-reference with renewal dates — customers with upcoming renewals and security gaps are prime candidates for SKU upgrades
  3. Build a "Security Health Campaign" targeting the subset of customers with Secure Scores below 60%

Technical Considerations

Data Privacy

Microsoft confirms that security insights in ASPX are aggregated at the partner level and do not expose individual customer vulnerability details across tenants. Each partner sees only their own customer data — never another partner's.

Permissions

To access the security insights tab, Partner Center users need:
- Role in the Partner Center Pricing workspace (for ASPX access)
- Minimum Security Reader GDAP role on customer tenants (for Secure Score ingestion)

If your team uses scoped GDAP relationships, verify that Security Reader is included in your standard role package.

API Access

For partners who want to integrate ASPX security insights into their own CRM or customer success platforms, the data model is consistent with the existing Partner Center reporting APIs. Expect Microsoft to document security-specific endpoints in the coming weeks.

The Competitive Angle

Partners who adopt this capability early gain a measurable advantage. Consider two hypothetical partners of equal size:

- Partner A reviews ASPX security insights monthly, uses Copilot recommendations in customer conversations, and converts 15% of security-gap conversations into SKU upgrades.
- Partner B never opens the Copilot tab and relies on ad-hoc security sales.

Over 12 months, the revenue delta — driven by better timing, stronger business cases, and more efficient outreach — can easily reach six figures for a portfolio of 200 customers.

At Cloud Factory scale, if 300 of our 900 partners adopt this workflow, the aggregate revenue impact is measurable in millions.

Next Steps for Partners

  1. Access the Copilot tab: Partner Center → ASPX → Copilot tab → Security Insights (ensure your GDAP roles include Security Reader)
  2. Train your account managers on reading Secure Score trends and mapping them to SKU upgrade paths
  3. Create a security QBR template that incorporates Copilot-generated recommendations
  4. Set a monthly calendar reminder to review the portfolio-wide security posture report
  5. Track conversion: Measure what percentage of security-insight-driven conversations result in SKU upgrades or new add-on purchases

Conclusion

The integration of security insights into ASPX's Copilot tab is not merely a feature launch. It is Microsoft making a statement: security is inseparable from customer success, and partners who understand this will outperform those who don't.

For Cloud Factory partners, this is a ready-made playbook. The data is there. The recommendations are AI-generated. The only variable is whether your team uses them.

Ready to grow your Microsoft practice? Explore Cloud Factory's partner platform →

Looking for your local Cloud Factory team? Find your country's contact →