Explore the latest in low-code security trends, risks, and strategies to protect your apps. Stay ahead of vulnerabilities with expert insights.
Search across headline titles and summaries.
Background for this topic.
Low-code is a development approach that enables the creation of applications through graphical user interfaces and configuration instead of traditional hand-coded computer programming. In the realm of information security, low-code platforms offer various opportunities and challenges.
On one hand, they can help organizations swiftly develop and deploy secure applications by providing pre-built security features and compliance templates. These can reduce the risk of human error and enforce security best practices at the development stage. Built-in auditing and analytics can also help in proactively identifying potential security issues.
On the other hand, low-code platforms raise unique security concerns. They may abstract complex code to such an extent that it becomes difficult for developers to understand the underlying security mechanisms. This opaqueness can lead to a false sense of security if developers aren't diligent in customizing and reviewing the security settings.
Moreover, as with any third-party software, low-code platforms come with the risk of vendor lock-in, where the security of applications is closely tied to the platform's own security posture. Therefore, rigorous vendor assessment and an understanding of the platform's update and patch management policies are crucial.
Weekly headline count for the current query.
Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.
Cybersecurity researchers have uncovered over 20 configuration-related risks affecting Salesforce Industry Cloud (aka Salesforce Industries), exposing sensitive data to unauthorized internal and external parties
No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems.
Low-code/no-code (LCNC) and robotic process automation (RPA) technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits.
While low-code/no-code tools can speed up application development, sometimes it's worth taking a slower approach for a safer product.
As the adoption of LCNC grows, so will the complexity of the threats organizations face.
New Funding to Aid US Government Growth, Generative AI Security Product DevelopmentZenity has closed a $38 million Series B round to advance its agentic AI security platform and extend its no-code and low-code application support. With investment from Third Point Ventures and DTCP, the funding enables Zenity to cater to clients in sectors like financial services and healthcare.
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly using platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems? The simple truth is often swept under
A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections.
Nokod Security is building a platform that enables organizations to secure in-house low-code/no-code custom applications by scanning for security and compliance issues and applying remediation policies
With the introduction of generative AI, even more business users are going to create low-code/no-code applications. Prepare to protect them.
Getting a handle on the new risks facing appsec by low-code/no-code development patterns
How can we build security back into software development in a low-code/no-code environment?
By authenticating and authorizing every application, and by maintaining data lineage for auditing, enterprises can reduce the chances of data exfiltration.
Here's what that means about our current state as an industry, and why we should be happy about it.
Automating security for OT infrastructure can help organizations combat a rising volume of cyber threats in an era when security professionals are in short supply.
Security teams that embrace low-code/no-code can change the security mindset of business users.
How a well-meaning employee could unwittingly share their identity with other users, causing a whole range of problems across IT, security, and the business.