Nokod Security Blog
In Plain Sight: How Microsoft Power BI Reports Expose Sensitive Data on the Web
The Nokod Research Team discovered a data leakage vulnerability in the Microsoft Power BI service which potentially affects tens of thousands of organizations and which allows anonymous viewers on the Internet to access sensitive data, including employee and business data, PHI, and PII.
The Unbearable Stubbornness of SQL Injection Vulnerabilities
CISA and FBI issued a stern warning to eradicate SQL injection vulnerabilities for good. How, with code scanners in place and ongoing security training for developers, does this problem persist? Read our take predicting that the numbers of SQLi attacks will likely rise.
Webinar Recap: Navigating the Risks of Citizen Development
Recap of the key points from our webinar to help you understand the evolving risks and opportunities in citizen application and automation development. Dissecting supply chain attacks, we demonstrated low-code/no-code development as the new frontier for security professionals.
Nokod Security Achieves SOC 2 Type II Certification
After a thorough evaluation and meticulous auditing process, Nokod Security is delighted to announce that we have achieved SOC 2 Type II certification.
How does it impact our team, our clients, our commitment to security excellence, and our security posture?
CVE-2023-36019 – Critical Christmas Gift from Microsoft Power Platform
CVE-2023-36019 affects Microsoft Power Platform Connector and needs urgent manual fixes before February 17th, 2024. The vulnerability is of a high severity and impact level.
Shadow Engineering Casting a Giant Shadow on AppSec
In recent years, Shadow Engineering has become a development practice exponentially growing inside organizations using low-code/no-code development platforms.