By Yair Finzi, CEO at Nokod.
Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. A prime candidate for inclusion under the CTEM umbrella is software created in low-code/ no-code (LCNC) and robotic process automation (RPA) environments.
In his article “4 Common LCNC Security Vulnerabilities and How To Mitigate Them” on ITPro Today, Amichai Shulman illustrates the impact of low-code/no-code (LCNC) platforms, robotic process automation (RPA), and citizen development on the enterprise attack surface.
While accelerating innovation, low-code/no-code platforms introduce significant security risks, such as client-side data access issues, injection attacks, unintended public exposure, and data leakage.
Nokod’s CTO, Amichai Shulman highlights the top security risks associated with RPA (Robotic Process Automation) and shares best practices for mitigating those risks in his latest article on SC Media.
This is a must-read if you use and need to secure automations created on platforms like UiPath, MS Power Automate, Automation Anywhere, Pega, or others.
Yair Finzi, CEO of Nokod Security, shares his security perspective on citizen development and the use of low-code no-code development platforms.
It is striking – and worrying – how the current AppSec stack and practices fail to monitor and secure the apps and automations created by citizen developers. Yair discusses some of the root causes in his article.
The vulnerability was reported to Microsoft by Nokod Security, but they consider it a feature rather than a security issue, while Power BI semantic models expose all underlying data, including hidden tables, columns, and detailed records, even when only aggregated data or a subset of the data is visualized in the report.
In this Forbes article, Yair Finzi, CEO of Nokod, discusses the risks of supply chain attacks in low-code/no-code development platforms (LCAP). Virtually all platforms include a marketplace for third-party components used in apps and automation created by citizen developers. Simple mistakes can lead to vulnerabilities and risks.
Nokod has found a data leakage vulnerability in the Microsoft Power BI service. The security firm says the issue, which could affect tens of thousands of organizations, can allow attackers to access sensitive information such as employee and business data, and personally identifiable information.
By Amichai Shulman, CTO at Nokod.
Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Unfortunately, a new wave of SQLi attacks is emerging—and it’s taking a different trajectory than in the past.
In the rush to digital transformation, many organizations are exposed to security risks associated with citizen developer applications without even knowing it.
Nokod Security launched the Nokod Security Platform, enabling organizations to protect against security threats, vulnerabilities, compliance issues, and misconfigurations introduced by LCNC applications and robotic process automations (RPAs).
Industry analyst and author Richard Stiennon discussing losing and gaining cybersecurity companies. “Israel based Nokod Security has been expanding steadily since taking in its $8 million in seed funding last year. 20% growth since January 1 for this company that protects enterprise use of nocode platforms.”
Start-up funding for new Israeli cybersecurity companies has plummeted — and market-watchers expect that to continue throughout 2024. By Dan Raywood, Senior Editor, and with comments by Amichai Shulman, CTO and co-founder of Nokod Security.
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation, where business users are empowered to create applications swiftly.
As Haje Jan Kamps tears down Nokod’s pitch deck, he remarks: “This is an example of a company that knows its strengths. In an early-stage company, a founding team that has an unfair advantage is a straight-up superpower. “
[In Hebrew] Yair Finzi and Amichai Shulman founded Nokod Security, which warns of code weaknesses and offers solutions: “Users make a lot of mistakes; a new attack surface has been created in the organization.”
“Nokod was designed to empower businesses with a platform to manage cybersecurity and compliance risks stemming from their low-code/no-code custom applications and RPA by streamlining security in the application lifecycle.”