A Security Researcher’s Guide to Understanding Copilot Studio AI Agents
Inside Copilot Studio: Architecture, Control Planes, and Injection Vectors
With new techniques for agentic AI prompt injection being released daily, attackers and defenders are reliving the old days of SQL injections. Pwns to AI agents can range from dumping business data to taking full C2 control of critical infrastructure.
BeyondTrust Phantom Labs™ has spent months reverse engineering Copilot Agents, aiming to uncover how they work, what existing Microsoft services they are built from, and how their control planes function. This blog post covers our findings, getting red and blue teams alike up to speed on:
-
Copilot Studio's implementation of AI agents
-
The deeper Microsoft architecture these agentic workflows were built from
-
Prompt Injection techniques Copilot Studio agents are prone to
-
The maker credentials anti-pattern
Continue reading HERE
Customer Case Study
ivision: How ivision Simplifies and Scales Identity Security with BeyondTrust
Latest Available Versions
EPM for Windows 26.1.59 - June 2026
EPM for Windows and Mac (Cloud and Pathfinder) v26.1.1495
EPM for Mac v26.1 - March 2026
BeeKeepers Hot Topics
Managing AI Application Control at Scale: A Situational Workstyle approach in EPM for Windows
”Hey BeeKeepers! Welcome to another edition of suggesting AI EPM policy rules. This advice is geared at creating a separate AI Workstyle for the exact reason that the space is highly dynamic. This is an evolution from using the All Users workstyle for a global block, and then trying to navigate how to handle exceptions..”
Click here for the most popular discussions in BeeKeepers
Upcoming and In Case You Missed It Webinars
Upcoming Road Map: Endpoint Privilege Management - July 7, 2026
User Group: Q2 EPM User Group
Blog: Joining Project Glasswing: Securing the Privilege Backbone of the AI Era
Tech Talk Tuesday: AI-assisted work-flow with Pathfinder AI and Pathfinder MCP – July 2, 2026
Podcast: The Adventures of Alice & Bob: Cyber Security and the Art of story Telling
Webinars:
The Ghost in the Machine (Securing Non-Human Identities) – July 9, 2026
DevSecOps in the Real World – July 9, 2026
The Okta Policy Playbook: Building Stronger Identity Controls – July 22, 2026
The Vendor Access Problem in K12: Practical Steps to Protect Student Data and District Operations – July 28, 2026




