Speakers Spotlight
Discover a mix of seasoned industry leaders and fresh, dynamic perspectives at DevSecNext. Explore our lineup below.
Agenda at a Glance
Browse through our schedule for a glimpse into our exciting sessions.
15:00
Registration, networking, and light food
15:45
Opening Remarks
16:00
Keynote
17:00
Keynote Panel
The Evolving Threat Landscape: Risks in the Age of AI Disruption
As AI continues to revolutionize industries, it also introduces a wave of emerging security challenges that may not even yet be identified or known. This panel brings together experts from engineering, cloud business, venture capital and security innovation to explore the intersection of AI disruption and the evolving threat landscape. Join our panel as they discuss pressing issues such as the shared responsibility of engineering teams in safeguarding data, how AI agents can deliver opportunities of scale and efficiency while at the same time exposing organizations to novel vulnerabilities, and the risks of AI models becoming unintentional backdoors. Treating AI as a typical third-party risk in the supply chain will help shed light on the risks of adopting the very technologies driving innovation.
Come ready with tough questions for our panelists, and leave with insights into how organizations can address the risks and opportunities presented by a whole new host of disruptive technologies, to be better equipped to secure modern and early adopter organizations against next-gen threats.
Moderator
Sharone Revah Zitzman
Chief DevRel & Community Organizer
RTFM Please
Panelists
Ronnen Slasky
Head of Technology
AWS
Adi Shacham-Shavit
SVP R&D
Transmit Security
Barak Schoster Goihman
Partner
Battery Ventures
David Melamed
CTO/Co-Founder
Jit
17:30
Breakout Sessions
Unveiling the Mechanics of LLM Attacks in the Real World
The world of AI and LLM is eating the software world as more and more LLM and AI features are being incorporated into production products. But with the opportunities coming, there are a lot of AI and LLM attacks out there, and the complexities are not just increasing, they are challenging the devs to stay engaged and vigilant. In this session, we will delve into the complex and elaborate attacks, seeing how attacks and attack generators on LLM work and, more importantly, how to defend against those attacks. This is not just a theory but a real-world application.
Ran Bar-Zik
Senior Software Architect
CyberArk
TrustOps in Action: Empowering a Secure Workforce
To build trust, cybersecurity requires a radical attitude shift. This session will provide strategies for fostering a proactive security culture, ensuring your organization is both resilient and secure from the inside out.
Ben Hacmon
CISO
Perion Network
18:00
Breakout Sessions
Living off Microsoft Copilot
Whatever your need as a hacker post-compromise, Microsoft Copilot has got you covered. Covertly search for sensitive data and parse it nicely for your use. Exfiltrate it out without generating logs. Most frightening, Microsoft Copilot will help you phish to move laterally. Heck, it will even social engineer victims for you!
This talk is a comprehensive analysis of Microsoft Copilot taken to red-team-level practicality. We will show how Copilot plugins can be used to install a backdoor into other users’ Copilot interactions, allowing for data theft as a starter and AI-based social engineering as the main course. We’ll show how hackers can circumvent built-in security controls which focus on files and data by using AI against them.
Next, we will drop LOLCopilot, a red-teaming tool for abusing Microsoft Copilot as an ethical hacker to do all of the above. The tool works with default configuration in any M365 Copilot-enabled tenant.
Finally, we will recommend detection and hardening you can put in place to protect against malicious insiders and threat actors with Copilot access.
Inbar Raz
VP of Research
Zenity
Aviram Shmueli
Co-Founder/Chief Research & Innovation Officer
Jit
18:30
Closing remarks
19:00
Happy Hour & Party