Session Abstract

What happens when you turn the tables on your own AI? In this session, we dive into the fascinating journey of building an autonomous agent with Copilot Studio—and then trying to break it. You’ll hear the real story of how an agent designed to streamline job applications was stress-tested with prompt injections, tool misuse, and data exfiltration attempts. Discover where the agent held strong, where it failed spectacularly, and what lessons emerged for anyone building AI-driven automation. This is not theory - it’s a candid look at the vulnerabilities, defenses, and design patterns that matter when your agent moves from the lab to the real world. Why Attend? If you’re working with Copilot Studio, Power Automate, or planning to deploy autonomous agents, this session will give you practical insights into: • Common attack surfaces and how to mitigate them • Designing safe, auditable actions and flows • Grounding AI responses to enterprise data • Building resilience without sacrificing usability Join us for a story that blends innovation, security, and a little bit of hacking fun—because the best way to understand your agent is to try breaking it.

Note to event organizers

Session content is always refreshed when technology or solution evolves. Based on blogs in https://www.karlex.fi More information and 19y experience in https://www.karlex.fi/introduction-karl-johan-spiik/

Karl-Johan Spiik

Karl-Johan has done 18 years projects with Microsoft technologies. Past six years he has been working with the Power Platform, particularly with Power Automate, Power Apps and Copilot Studio, and have extended its capabilities with Microsoft 365 and Dynamics 365 products as well as Azure resources. Karl-Johan has completed about 100 projects with various industries and organization sizes as role of Architect, Developer and Scrum Master. Karl-Johan has written four books about Community-Led Orientation and masters shared leadership theory and practice as well.

Back to speaker profile