Not so intelligent :
Abusing AI to weaponize Power Automate flow in Azure
17 April 2026 | 10:00 AM ET | 2+ Hours Duration
Overview
Microsoft Azure and the Power Platform allow businesses to use Logic Apps and Power Automate respectively to automate simple tasks with complex cloud work, and integrating AI agents such as Copilot Studio to let employees control cloud resources with natural language. To keep things secure, developers often opt for secure, passwordless environments where different Azure services can communicate with each other seamlessly.
In these setups, Copilot agents act as the operational brain. These agents are connected to Power Automate flows that have the power to perform high-level actions, such as managing Azure resources. Now, because these workflows stay within the Azure, security teams often assume the input is safe.
In this webinar, we will explore how a threat actor can pivot from a single compromised identity to controlling high-value cloud resources by exposing hidden links between corporate identities and automated AI workflow. We will demonstrate how Prompt Injection can trick a Copilot agent into abusing its own internal tools to leak sensitive data, all while bypassing traditional security filters. Finally, we will discuss the security steps to harden automation and protecting cloud data from being exploited by "intelligent" agents.
.png)
Register
Unlock exclusive offers, webinars & giveaways
Attend Live Webinar
17 April 2026 | 10:00 AM ET | 2+ Hours Duration
Practice Attacks
Explore challenges and labs focused on Azure Security and Red Teaming on the Red Labs Platform
Get Webinar Participation Certificate
Unlock Exclusive Offers
Flat 20% OFF on Cloud Red Team Tactics for Attacking & Defending Azure – Beginner's (CARTP®) & Cloud Red Team Tactics for Attacking & Defending Azure – Advanced (CARTE®).
Vishal Raj
MEET THE INSTRUCTOR
Vishal Raj is a security researcher at Altered Security specializing in cloud security, red teaming, and network security. With a strong focus on identifying and exploiting misconfiguration in modern cloud environments, Vishal is passionate about enhancing enterprise security by simulating real-world attack scenarios and providing actionable defense strategies. Vishal extensively conducts research on Microsoft Entra ID, contributing to the understanding of identity and access management vulnerabilities in cloud environments. In addition to his technical expertise, Vishal actively contributes to the cybersecurity community by writing insightful blogs on a variety of security topics. His writings aim to bridge the gap between theoretical concepts and practical application, empowering others in the field.