15 Ways to Break Your Copilot
Unknown
Black Hat USA 2024 · Day 1 · Briefing
In an era where every product seemingly needs a "Copilot," Microsoft's ambitious push to integrate AI assistants across its ecosystem has brought forth powerful new tools like **Copilot Studio**. This platform empowers organizations to build custom AI assistants or extend existing Microsoft Copilots, leveraging internal data sources to enhance productivity. However, as Michael, co-founder of City of Geneva and lead of the OWASP Lokoko Top 10, revealed at Black Hat USA, this rapid adoption often outpaces security considerations, leading to significant vulnerabilities. His talk, "15 Ways to Break Your Copilot," served as a stark reminder that while Microsoft champions "secure by design" and "secure by default" principles, the real-world implementation by end-users can introduce critical security flaws.