OWASP Global AppSec San Francisco

Dive into captivating AppSec talks by renowned speakers and explore five tracks tailored to your interests—whether you’re a builder, breaker, defender, or culture-savvy manager.

At a Glance

We feel privileged to sponsor OWASP Global AppSec and contribute to an amazing, professional, tight-knit, and welcoming organization. Veterans or newbies, we are all in for an exciting experience!

Visit the Nokod Booth (#SU22) for open conversations, live demos, and insights on how Nokod Security advances AppSec for low-code/no-code app development. At our booth, explore the Nokod Security Platform—a cutting-edge solution explicitly designed for LCNC apps and automation development. Here’s how it empowers your security posture:

  • Application Logic Inspection: Our platform scrutinizes automation logic, identifying potential vulnerabilities.
  • Data Access Monitoring: We delve into data access patterns, ensuring compliance and uncovering violations.
  • Threat Intelligence Integration: Nokod’s proprietary threat intelligence keeps a vigilant eye on third-party components, flagging weaknesses.
  • User-Defined Configuration Checks: We explore environments to pinpoint any misconfigurations that might expose your organization.

If you prefer to plan in advance, feel free to use the form on the right to schedule a meeting with our team.

HOW WE CONTRIBUTE TO THE EVENT

Bob the Breaker

CTF – BOB THE BREAKER IS BACK!

It’s CTF time again: Let’s Hack the Low-code / No-code External Attack Surface!

Nokod created this CTF for OWASP Global AppSec 2024 in San Francisco, so you get your chance to hack company secrets the low-code/no-code way. Get hands-on experience, encounter real-world scenarios, and have fun!

MORE INFO>>

Amichai Shulman - CTO at Nokod Security

AMICHAI SHULMAN PRESENT AT THE BREAKER TRACK!

O My Data: OData Injection Attack and other Injections in Microsoft Power Platform & UiPath

In his session, Amichai presents a new attack technique called “OData Injection” that affects many API-based environments, particularly Microsoft Power Automate, part of the Microsoft Power Platform. Attackers can use this technique to extract sensitive data and bypass access controls. If you think that “No Code” = “No Vulnerabilities,” you are in for a BIG surprise.

Thursday, September 26, 2024, 1:15 pm – 2:00 pm PDT

This event is in the Past

To discuss and connect with our team, please schedule an online demo.  

Scroll to Top