Thursday February 13, 2025 11:30am - 11:55am PST
Tamir Ishay Sharbat, Zenity, Software Engineer
OWASP Certified 

Microsoft Copilot Studio is the technology that powers Microsoft's copilots, and the platform behind custom copilots built in the enterprise. The promise is that everyone can build a secure copilot, under the assumption that every bot will be secure by default. Does it hold under scrutiny?

In this talk, we will show how Copilot Studio bots can easily be used to exfiltrate sensitive enterprise data, circumventing existing controls like DLP. We will show how a combination of insecure defaults, overly permissive plugins and wishful design thinking makes data leakage probable, not just possible. We will analyze how Copilot Studio puts enterprise data and operations in the hands of GenAI, and expose how this exacerbates the prompt injection attack surface, leading to a material impact on integrity and confidentiality.

Next, we will drop CopilotHunter, a recon and exploitation tool that scans for publicly accessible Copilots and uses fuzzing and GenAI to abuse them to extract sensitive enterprise data. We will share our findings targeting thousands of accessible bots, revealing sensitive data and corporate credentials.

Finally, we will offer a path forward by sharing concrete configurations and mistakes to avoid on Microsoft's platform, and generalized insights on how to build secure and reliable Copilots.
Security at the speed of dev, making secure choices in design, and making security invisible and easy for developers for any size org
 

Speakers
Tamir Ishay Sharbat

Software Engineer, Zenity
Tamir Ishay Sharbat is a Software Engineer focused on AI with Zenity
Dev Security World
