Security news aggregator

Latest coverage for Low-code

Low-code platforms can speed software delivery but may introduce security risks through misconfigured workflows, exposed data, and weak access controls.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Low-code platforms let developers build applications largely through visual workflows, data models, and prebuilt components, with limited hand-written code. They are used for internal tools, business processes, and customer-facing services; “no-code” platforms are the more restrictive version. Security depends not only on the generated application but also on the platform, its connectors, and the configuration chosen by its users.

Material risks include excessive permissions, insecure API connections, exposed credentials, and unintended access to sensitive data when workflows or sharing settings are misconfigured. Abstracted logic can also make it harder to review authorization, input validation, and third-party components. Security teams should inventory low-code applications, assess platform and connector vulnerabilities, enforce least-privilege identities and secret management, review configurations and generated code where possible, and retain audit logs for investigation. Vendor update practices, data residency, deletion, and export capabilities also affect vulnerability management, privacy, and compliance.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 29 Filtered view

A high-severity security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck

New Funding to Aid US Government Growth, Generative AI Security Product DevelopmentZenity has closed a $38 million Series B round to advance its agentic AI security platform and extend its no-code and low-code application support. With investment from Third Point Ventures and DTCP, the funding enables Zenity to cater to clients in sectors like financial services and healthcare.

Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems? The simple truth is often swept under

Loading more headlines...