Skip to content
30 Nov 2026
Event

ESPC Microsoft 365 and AI

Building Agents, Breaking Rules! Securing what you should know about the OWASP LLM Top 10

RAI Amsterdam - Amsterdam, The Netherlands

30-11-2026 - 03-12-2026

Building Agents, Breaking Rules! Securing what you should know about the OWASP LLM Top 10

Copilot Studio makes it easy for anyone to build agents. Connect a SharePoint library, add a few topics, and you are live. But what happens when a user tries to override your instructions, or when poisoned content in your knowledge base starts feeding bad information back to users?

In this session, we map the OWASP Top 10 for LLM Applications directly to the kind of Copilot Studio scenarios makers and citizen developers create every day. Think HR bots exposing confidential contracts, catch-all plugins modifying records they should not touch, leaked system prompts, and public-facing agents getting hammered by automated abuse.

You will learn how to:

  • Map the OWASP LLM Top 10 to real Copilot Studio risks
  • Use content moderation, authentication, and permission boundaries as practical guardrails
  • Scope plugin actions and knowledge access so agents stay within their lane
  • Review existing agents with a security-first checklist

This session is aimed at makers and governance leads who already have a basic understanding of building agents and agentic workflows. We focus on LLM risks and mitigations in Copilot Studio scenarios, not on the OWASP top 10 for low-code or software development in general.

Other Upcoming Events