Nokod Security Blog

The rapid adoption of low-code/no-code (LCNC) development and robotic process automation (RPA) presents unique cybersecurity challenges. Incorporating LCNC and RPA into the Continuous Threat Exposure Management framework can help mitigate associated risks effectively.

Nokod Security is happy to introduce its growing suite of Power Platform assessment tools helping security teams quickly evaluate the size and scope of the attack surface created by citizen development within their organization.

The Nokod Research Team discovered a data leakage vulnerability in the Microsoft Power BI service which potentially affects tens of thousands of organizations and which allows anonymous viewers on the Internet to access sensitive data, including employee and business data, PHI, and PII.

CISA and FBI issued a stern warning to eradicate SQL injection vulnerabilities for good. How, with code scanners in place and ongoing security training for developers, does this problem persist? Read our take predicting that the numbers of SQLi attacks will likely rise.

Recap of the key points from our webinar to help you understand the evolving risks and opportunities in citizen application and automation development. Dissecting supply chain attacks, we demonstrated low-code/no-code development as the new frontier for security professionals.

After a thorough evaluation and meticulous auditing process, Nokod Security is delighted to announce that we have achieved SOC 2 Type II certification.
How does it impact our team, our clients, our commitment to security excellence, and our security posture?

CVE-2023-36019 affects Microsoft Power Platform Connector and needs urgent manual fixes before February 17th, 2024. The vulnerability is of a high severity and impact level.

In recent years, Shadow Engineering has become a development practice exponentially growing inside organizations using low-code/no-code development platforms.