Thursday 30 July 2026 · Doors open 2:30 PM · 3:00 PM–8:15 PM AEDT
Explore how to build evaluation gates into your CI/CD pipelines so you can catch quality, safety, and groundedness regressions before they reach production
Koustubh Bhaskar Gaikwad
Sr. Manager PwC Engineering ·
Solution Architect - PwC
Raj Mallikarjuna
Solution Architect - PwC · PwC
As AI moves from hype to day-to-day reality, a new challenge has appeared: rogue AI agents built and used beyond official channels. These range from well-intentioned employee-made copilots to unvalidated third-party AI bots quietly plugged into enterprise data. This session dives into the dual nature of these agents: incredible productivity drivers and potential security nightmares. We'll unpack the key risk areas, like sensitive data leakage, lack of accountability and agents acting with unchecked privileges, showing why traditional defenses fall short. Then we'll pivot to solution, outlining Zero Trust-inspired strategies to regain control. Learn how to treat AI agents as first-class identities (unique credentials, least-privilege access) and apply continuous monitoring so that even autonomous code follows corporate security rules. We'll share best practices for logging and auditing AI-driven actions to build trust internally and with regulators. Attendees will also get a glimpse of how these concepts manifest in emerging enterprise tooling by a neutral look at Microsoft's Agent 365 as control plane and reliance on Microsoft security ecosystem for identity management, data security and monitoring/auditing capabilities.
Pouya Koushandehfar
Pouya Koushandehfar, Senior Cybersecurity Architect and Leader · PwC
When managing web apps these days, it often feels like one of the biggest parts of our job is just pew-pewing bots - and just when human-scripted bots weren't enough fun, AI scraping came along, LLM training ramped up and the Noise. Just. Kept. Growing! So we need to look at solutions like firewalls and rate limiting, which means more costly infrastructure and adding layer after layer of protection. Since .NET 7, we've actually had a built-in middleware at our disposal, which can be configured purely in code, within less time than it's taken me to write this abstract. In this session I'll cover what the .NET rate limiting middleware has to offer, how to configure it and scale it for real world applications, and dig into some of the limitations and gotchas for integration with existing infrastructure. Let's "slow things down" (!) and push back against the army of bots.
Bron Thulke
Software Engineer, CTO and Cofounder · YouLi Travel, Microsoft MVP (.NET)
Enterprise AI is rapidly evolving from simple copilots and chat interfaces toward systems that can reason, coordinate work across multiple enterprise platforms, and execute complex business processes. However, as organisations scale AI adoption, they face challenges around governance, control, auditability, capability reuse, and operational complexity. Reed is a governed enterprise AI execution platform that dynamically composes reusable capabilities, enterprise knowledge, and integrations into runtime execution workflows. Rather than relying on large numbers of persistent agents, Reed constructs bounded execution graphs at runtime, enabling AI-driven automation while maintaining governance, traceability, and operational control.
Marcelo Maidana
Managing Director PwC Engineering ·
Microsoft 365 security is often treated as a collection of one-time configuration decisions, but in reality it's a constantly moving target. New features, policy changes, and administrative actions can quickly introduce risk and this is true especially when security is managed manually and reactively. In this session, we'll explore how to apply practical SecOps principles to Microsoft 365 by automating the boring but critical parts of security operations. Rather than assuming unlimited budget or a fully staffed SOC, this session focuses on starting small and evolving over time. You'll learn how to continuously assess your tenant's security posture, detect configuration drift, and respond to common security issues using native Microsoft tools and automation capabilities you already own.
Chris Goosen
Technology Consultant and Microsoft MVP ·
Sensors lie. They drift, jitter, warm up slowly, and sometimes stop talking altogether. ML.NET can catch these issues on the edge without training data, GPUs, or cloud connectivity. ML.NET can detect spikes, drift, timing anomalies, and sensor failures using lightweight SSA models running on industrial controllers saving uplink bandwidth and enabling close to real-time local control. Had a selection of sensors and industrial controller worked through how to build applications which look for anomalies and change point detection. Azure backend with Azure EventGrid MQTT broker
Bryn Lewis
Microsoft MVP, maker, husband & father of two. I build stuff, break stuff & make up for a lack of talent with persistence ·
We are entering a phase where AI is no longer limited to chat interfaces and simple assistance. The next wave is about AI systems that can plan, coordinate, and execute tasks across tools, data sources, and workflows. This session explores how organizations can design AI teammates autonomous or semi-autonomous agents that work alongside people, not just respond to prompts. We will look at how these systems are structured, how they interact with enterprise data and APIs, and what it takes to deploy them responsibly in real business environments. The focus is practical: architectures, lessons learned, and where this shift is already creating measurable impact. What attendees will walk away with : A practical view of how AI teammates differ from traditional copilots Real architectural patterns for agent-based systems Strategies for integrating agents into enterprise workflows Key considerations for trust, control, and governance Insights into where agentic systems are delivering value today
Asif Waquar
Cloud Solution Architect · Munich Re
Principal Product Manager - Microsoft
Shobhit Garg
Principal Product Manager - Microsoft · Microsoft
This talk focuses the product foundry local with a demo on how this can be used to solve a fun real world problem, which we're then going to relate to how it cane be extended to enterprise scenarios.
Venura
Director, Engineering · PwC Australia
Join us for a 45-minute intermediate-level session where you'll learn how to create and enhance custom AI agents using Microsoft Azure Foundry. This session will provide an overview of Foundry's role within the broader Copilot ecosystem and guide you through the process of building agents that can interact with your data, extend Microsoft Azure Foundry functionalities, and transform user interactions. Key Topics: 1. Understanding agents and Foundry's place in the ecosystem. 2. Methods for building agents (templates, conversational design, etc.) 3. Integrating knowledge sources into your agents 4. Adding actions and custom logic Customizing the chat interface 5. Publishing and extending your agents
Dharanidharan Balasubramaniam
Microsoft MVP - Business Applications & MCT ·
Misconfigured policies are one of the easiest ways attackers slip through the cracks and they're far more common than most organisations realise. In this session we will dive into the top 5 Geo-blocking policies in Microsoft Entra - where these often look "secure" but still leave major gaps Macro blocking with Microsoft 365 Business Premium - common assumptions vs what's actually enforced Defender for Office 365 - misaligned policies that weaken email protection Compliance policies - settings that exist on paper but don't deliver in practice SharePoint & OneDrive external sharing - how small configuration choices can create big exposure
Nathan Atkins
Helping organisations turn Microsoft 365 into a security advantage. ·
AI-powered development is accelerating rapidly, but many teams are unknowingly burning through tokens due to how context is constructed and used. As organisations adopt AI tooling and agentic workflows, inefficient context usage can quietly increase cost, reduce performance, and degrade output quality. In this session, we will break down how modern AI systems use context, including how prompts are expanded with additional data, how tokens are consumed across interactions, and why context windows should be treated as a designed resource rather than an infinite scratchpad. We will explore common patterns that lead to excessive token usage, such as large working sets, long-running interactions, and uncontrolled agent loops. From there, we will look at practical approaches to regaining control, including focused work loops, context management strategies, and using the right model for the right task. Finally, we will explore how to introduce observability and control into AI workloads through platform-level patterns, including AI gateways, usage attribution, and policy-driven design. Attendees will leave with a clearer understanding of how tokens are used across AI systems and how to design more efficient, observable, and cost-aware AI-powered development workflows.
Dylan McCarthy
Principal Solution Consultant · Versent, Microsoft MVP
Artificial Intelligence and Machine Learning are rapidly becoming embedded across security operations-shaping how threats are detected, identities are assessed, and data risks are surfaced. As security platforms increasingly rely on AI-assisted decision-making, leadership responsibility is shifting. In this session we explore where AI and ML genuinely amplify security controls-such as accelerating incident response, analysing identity risk signals, and identifying data exposure-and where they introduce new classes of risk.
Alessandro Cardoso
Microsoft Program Architect · Microsoft
Senior Cloud and AI Architect at Microsoft
Mobin Daraie
Senior Cloud and AI Architect · Microsoft
Context is the new king in Agentic AI world. In this session we will understand how context plays a very important role in Agentic AI. We will understand how to improve and manage the context so that we get better results from Agentic AI.
Nilesh Gule
Passionate about software with a motto "Code with Passion and strive for Excellence" · Avanade
Many Azure SaaS systems start with a simple idea: add a tenant ID column, authenticate users with Microsoft Entra ID, and make sure every query filters by tenant. That works at prototype scale, but it quickly becomes fragile when customers need different compliance boundaries, data residency, encryption keys, network controls, feature flags, audit trails, and operational isolation. At that point, multi-tenancy stops being a database pattern and becomes a full architecture problem. This session explores how to design a production-grade multi-tenant SaaS architecture on Azure where each tenant is treated as a first-class operational boundary. We will go beyond the usual "shared database versus database-per-tenant" discussion and examine how tenant context should flow through identity, APIs, compute, data storage, secrets, observability, deployment, and incident response. The session will walk through a reference architecture using Microsoft Entra ID, Azure API Management, Azure Container Apps or Azure Functions, Azure SQL or Azure Database for PostgreSQL, Row-Level Security, Azure Key Vault, Azure App Configuration, Azure Monitor, Log Analytics, and Defender for Cloud. We will look at how to enforce tenant isolation at multiple layers instead of trusting application code alone, how to prevent cross-tenant data exposure, how to support noisy-neighbour controls, and how to build tenant-aware telemetry that makes support and incident investigation practical. Attendees will leave with a concrete design model for building safer and more scalable SaaS platforms on Azure. They will understand the trade-offs between shared, pooled, and isolated tenancy models, how to combine identity claims with database and API-level enforcement, and how to design for enterprise customer requirements without creating a separate snowflake environment for every tenant.
Renaldi Gondosubroto
Director · Cloudetica Solutions
Using Power Automate, Dataverse, Microsoft Graph, and Power BI - you can build your own usage reporting dashboard that shows you MUCH more than what you can get out of the box! Want to drill down by manager? You can! Want to see which job titles are getting the most usage? Sure! What about a leaderboard of top Copilot users in the entire organization? It's all possible with this dashboard solution. We don't just cover the theoretical here: we will also share lessons learned from implementing the Copilot Dashboard several global organizations ranging from hundreds to tens of thousands of Copilot users. This Copilot Reporting Dashboard can be a valuable tool for starting conversations with stakeholders, figuring out which groups to focus on, measuring growth after trainings, and proving business value to leadership, all of which we will discuss in this session. We'll also show you a sneak peak of how to perform your own prompt and conversation analysis!
Loryan Strant
Avanade, Microsoft 365 MVP, Builder of Widgets ·
Is .NET the most versatile platform in the game - or has it quietly turned developers into specialists who can't see past the Microsoft ecosystem? Is low-code the democratisation of software development - or just a fast lane to unmaintainable enterprise spaghetti? And are AI copilots making us sharper, more productive developers - or quietly eroding the deep skills that made us good in the first place? In this session, Lars and Bron go head-to-head across three of the most divisive questions facing Microsoft developers right now. No panels, no wishy-washy "it depends" - just two opinionated developers arguing both sides of debates the community is already having in Slack threads and conference hallways. Come ready to pick a side. Audience participation is not optional.
Lars Klint
DevRel · Atlassian - Microsoft MVP - Llama Farmer
Agentic workflows are reshaping how engineering teams build, test and ship software. Traditional CI/CD pipelines gave us automation and consistency, but they were never designed for a world where AI can reason, adapt and act with context. This session explores how continuous AI represents the natural evolution of CI/CD, moving from static pipelines to intelligent systems that can analyse code, make decisions and orchestrate complex tasks across the development lifecycle. The talk is built around live demonstrations that show agentic workflows operating inside real repositories. Attendees will see how these workflows integrate with existing development practices, how they collaborate with engineers, and how they unlock new patterns for testing, refactoring, optimisation and operational resilience. The goal is to show that agentic automation is not a future concept but something teams can adopt today to realise immediate and meaningful benefits. This session offers a practical and forward looking view of what comes after traditional automation and how continuous AI will redefine the way modern teams deliver software.
AJ Bajada
Arinco, Practice Manager · Arinco
Cross-cloud migrations are expensive, slow, and repetitive. You need someone to inventory every resource, map services to equivalents on the target cloud, rewrite your functions, convert your IaC, wire up secure CI/CD pipelines, and validate everything before it touches production. That's weeks of work too structured to be interesting, but too risky to rush. What if that same pipeline could run in hours? In this session we reveal a framework of custom GitHub Copilot and Azure Foundry agents each with a specific role, specific instructions, and a specific output that collectively orchestrate the entire migration from a single prompt. We'll use an AWS to Azure migration as our live example: discovery, architecture mapping, code refactor, Bicep IaC, pipelines, validation. Done. The twist? These agents are only as good as the person instructing them and that's the real skill this session teaches.
Danidu Weerasinghe
Azure MVP, Consultant · Arinco
