Security Risks of Low-Code/No-Code Applications - What Could Go Wrong?

Explore the security implications of business-led development using low-code/no-code platforms in this 22-minute conference talk from BSidesLV. Discover why enterprises are empowering business professionals with developer-level tools and the potential risks involved. Examine findings from extensive research on 100K applications across hundreds of enterprise environments, revealing common security pitfalls in identity, access, and data flow. Learn about the OWASP Low-Code/No-Code Top 10 security framework and its importance in mitigating risks. Gain insights into real-world examples of security issues, their backstories, and implications. Understand the critical need for AppSec team involvement in business-led development and hear success stories from organizations that effectively addressed these challenges.

CG - Sure, Let Business Users Build Their Own. What Could Go Wrong?