OWASP_TOP_10_LOWCODE_NOCODE

OWASP Top 10 Security Risks for Low-code/No-code

View on RSAC 365 agenda

Abstract

Discover what extensive research has revealed on the security of low-code/no-code applications based on scanning over 100,000 applications across hundreds of enterprise environments. Join guest speaker Michael Bargury, Co-Founder and CTO of Zenity, as he introduces the new OWASP Top 10 list, demonstrates how most applications get an identity, and shares a wide range of security issues and their backstories found in real-world environments.

Recommended pre-reading materials

• OWASP Top 10 low-code/no-code security risks

• Power Platform data leakage

Mentioned in the talk

Tools and Demos

• OWASP Top 10 Low-Code/No-Code Security Risks

• Zapier automation to avoid Slack mentions, YouTube

Articles

• OWASP Top 10 Low-Code/No-Code Security Risks

• Low-Code / No-Code Security, Dark Reading

• Low-code use case: COVID health check app by Microsoft

• Low-code use case: order-to-cash automation by Slack

• Low-code use case: Business users become business developers by Microsoft

• The Microsoft Power Apps Portal Data Leak Revisited: Are You Safe Now?, Zenity blog

Talk materials

• Slides
• Video available on RSAC 365 website