Overview
Explore the dark side of low-code and no-code applications in enterprise environments through this 44-minute OWASP Foundation conference talk. Discover how attackers exploit shadow IT and leverage enterprise No-Code platforms for every step in the cyber killchain. Learn about attack techniques found in the wild, including account takeovers, lateral movement, privilege escalation, untraceable backdoors, and automated data exfiltration. Gain insights from live demonstrations and access to shared source code for proof-of-concept attacks. Presented by Michael Bargury, Co-Founder and CTO of Zenity, this talk highlights the security risks associated with the growing trend of building enterprise apps outside of IT, emphasizing the need for improved security practices in low-code/no-code environments.
Syllabus
Credential Sharing as a Service: the Dark Side of No Code
Taught by
OWASP Foundation