Summary of "Narzędziownik AI 2.0 Reloaded - sesja 4"
Overview
- Live demo-led session about the Microsoft Copilot ecosystem presented by Tomasz (Tomek) Turba from Securitum / Sekurak Academy.
- Focus areas:
  - Feature walkthroughs across Copilot Chat, Microsoft 365 Copilot, Copilot Studio/agents.
  - Integration with Office apps and Microsoft Edge.
  - Creation of agents and flows in Copilot Studio.
  - Media generation (audio, images, 3D).
  - Security and privacy implications for enterprises.
Copilot versions and core capabilities
- Copilot Chat
  - Browser/app chat interface (similar to ChatGPT/Gemini chat).
  - Available free in some tenants.
  - Offers modes like “deep reasoning” and “search”.
- Microsoft 365 Copilot
  - Integrated assistant inside Office apps (Word, Excel, PowerPoint, Outlook, OneDrive, Teams).
  - Reads open documents and provides summaries, edits, content generation and automation tied to tenant data via Microsoft Graph.
- Copilot Pro / paid tiers
  - Unlock additional functions (longer context, advanced security controls, agent features).
  - Pricing examples cited around $20–30/month.
- Copilot Studio & Frontier (agent mode)
  - Builder environment for creating custom agents and workflows.
  - Supports sub-agents, knowledge sources, connectors and workflow automation.
Key product features demonstrated
- Word
  - Document summarization, editing suggestions, “add to document” generation.
  - Human-in-the-loop edits with multiple alternatives to accept.
- Excel
  - Formula assistance and natural-language conditional formatting/task execution.
  - Demo noted glitches after updates; behavior can differ between desktop and browser.
- PowerPoint
  - Create presentations from prompts or input files.
  - PowerPoint Designer remasters slides and suggests visuals/layouts.
- Outlook
  - Mailbox summarization and suggested replies.
  - Major privacy concern: Copilot can read entire mailbox threads.
- OneDrive / SharePoint / Purview
  - Copilot can surface and summarize files.
  - Purview/retention/Preservation Hold Library can log Copilot interactions and stored prompts/answers.
- Teams / OneNote
  - Meeting summarization and transcripts (Teams).
  - OneNote used as a knowledge base with uploaded PDFs and Q&A on content.
- Media generation
  - Image generation (DALL·E 3 via Microsoft).
  - Copilot 3D (generate 3D objects, export STL/GLB).
  - Audio/podcast generation and English-first TTS.
  - Copilot Vision (image understanding in Edge) and in-browser gaming demos.
- Frontier agent
  - Agent-mode demo that browses sites, extracts data and builds reports.
  - Copilot Studio provides richer agent configuration and connectors.
Integrations and connectors
- Native Microsoft Graph integration ties Copilot to tenant data.
- Copilot Studio supports external connectors and datastores:
  - Dataverse, Azure OpenAI, Salesforce, SAP, Zendesk, Snowflake, Confluence, etc.
- Workflow/automation features inside Studio (analogous to Zapier/Make/N8N) for triggers and flows.
Security, privacy and governance (major focus)
Copilot is powerful but introduces new leakage and governance risks — tenant-level protections and careful configuration are essential.
- Tenant isolation
  - Copilot accesses tenant data via Microsoft Graph; admins must configure protections and access controls.
- Guardrails / prompt shielding
  - Microsoft applies automated checks against leaks and malicious prompt injection, but these controls are not foolproof.
- Data Loss Prevention (DLP) & sensitivity labels
  - Use sensitivity labels and DLP to prevent Copilot from exposing confidential documents.
  - Default behavior can cause retention of prompts/responses in Purview.
- Agent risk
  - Agents that call external APIs or connectors pose higher leakage risk if misconfigured.
  - Sub-agents and memory features require governance.
- Known attack vectors / incidents referenced
  - Zero-click leaks, prompt injection attacks, Moldbook (super-agent leaks) and GitHub data-extraction incidents were discussed as examples.
- Best-practice recommendations
  - Avoid pasting personal or special-category data into Copilot.
  - Configure sensitivity labels and tenant-level controls before rollout.
  - Enable human verification of generated outputs.
  - Train staff on safe use and restrict Copilot per app or user where needed.
Limitations & regional issues
- Language and region limits
  - Some features (audio generation, voices, 3D, certain templates) are English-only or region-limited.
- Desktop vs browser differences
  - Some Copilot features work differently or better in Edge/browser than in desktop apps; updates can temporarily break behavior.
- Model naming/version references
  - Speaker mentioned Microsoft using advanced GPT-family models (e.g., “GPT-5 / GPT5.1” references) and integration partnerships (OpenAI ↔ Microsoft, DALL·E 3).
Comparisons and alternatives
- Competitors and alternatives mentioned:
  - Google Gemini / Workspace (positioned as a competitor).
  - Other LLMs: Claude, GPT, Perplexity, GitHub Copilot (for code).
  - Local models and tooling: Llama, Alpaca, Anyone-LLM, LM Studio, Obsidian + local LLMs.
- Speech / text tooling referenced:
  - Eleven Labs, Whisper, Suno for audio/TTS.
Copilot Studio specifics (agent-building)
- Capabilities shown
  - Custom system prompts (large prompt editor — demo showed ~8000-character editor).
  - Knowledge base sources: SharePoint, OneDrive, public websites, databases and third-party connectors.
  - Sub-agents, workflow triggers, API integrations and publication/provisioning steps.
  - Admin controls and agent approval workflows.
- Licensing
  - Copilot Studio and some agent features require paid Copilot / Microsoft 365 licenses.
Demos, tutorials and trainings mentioned
- Live demos included:
  - Word summarization & editing, PowerPoint generation, Excel conditional formatting, Outlook summary/reply drafting.
  - OneNote PDF ingestion and Q&A, podcast/audio generation, Copilot 3D object export.
  - Frontier/agent report generation and Copilot in Edge (vision & browsing).
- Trainings / guides:
  - AI Toolbox (Narzędziownik AI) series — this was session 4.
  - Upcoming sessions referenced: AI for parents & children; “Learn 10 OSINT skills”; sessions on leaks/cybersecurity; advanced/technical AI trainings (Obsidian + AI, agent/operator training, local models & model training).
  - Sekurak / Securitum articles and newsletters (“AI without sugarcoating”) with write-ups on Copilot vulnerabilities and DLP guidance.
Practical admin and user takeaways
- Plan tenant-level governance before rolling out Copilot:
  - Configure sensitivity labels, Purview, DLP and restrict agent connectors as needed.
- Training and user behavior
  - Train users on what to paste into Copilot and enforce human-in-the-loop checks for generated content.
- Rollout strategy
  - Use staged rollout with restricted app access (e.g., disable Copilot in Outlook if necessary).
  - Monitor logs, retention and Purview records.
- Risk management
  - Use Copilot Studio and agent features only after risk assessment; audit connectors to ERP/CRM systems carefully.
References & mentions
- Microsoft Copilot (copilot.microsoft.com), Microsoft 365, Microsoft Edge.
- Sekurak / Securitum (blog/articles, Sekurak Academy trainings).
- OpenAI / DALL·E, Google Gemini, Claude, GitHub Copilot.
- Third-party tools: Eleven Labs, Suno, Perplexity, Zapier, Make, N8N, Salesforce, SAP, Snowflake, Confluence, Obsidian.
Main speakers / sources
- Main presenter: Tomasz (Tomek) Turba — Securitum / Sekurak Academy.
- Referenced sources/platforms: Microsoft (Copilot docs, Edge, Microsoft 365), Sekurak/Securitum (security write-ups), OpenAI/Gemini/Claude/GitHub Copilot and other vendors cited in demos and comparisons.