Israeli Startup Nokod Secures $8M for Low-Code/No-Code App Security
Tel Aviv-based startup Nokod Security has recently raised $8 million in seed funding to develop technology aimed at securing low-code and no-code custom applications. The company plans to establish a presence in the U.S. market, driven by the growing adoption of low-code and no-code platforms in enterprises.
The Rise of Low-Code and No-Code Development
Low-code and no-code development methods offer a new approach to building applications, allowing users to create custom apps using intuitive drag-and-drop tools instead of traditional coding. Platforms like Microsoft PowerApps and ServiceNow have gained popularity due to their ease of use and the ability to rapidly develop and deploy applications.
However, the security implications of these platforms have come into focus. Traditional application security measures may not adequately address the risks associated with low-code and no-code development, leaving organizations vulnerable to potential attacks. Nokod aims to fill this gap by providing comprehensive security solutions for these custom applications.
Nokod’s Comprehensive Application Security
Nokod’s software aims to provide organizations with a comprehensive view of their application inventory. By offering in-depth visibility and analysis, the company’s technology helps pinpoint security issues and vulnerabilities, enabling remediation and minimizing the attack surface. This approach addresses the unique challenges posed by low-code and no-code development and helps organizations better secure their applications.
Founders and Investors
Nokod Security is the brainchild of Amichai Shulman, former co-founder and CTO of Imperva, and Yair Finzi, former co-founder of SecuredTouch, which was subsequently acquired by Ping Identity. The founders bring a wealth of experience in the cybersecurity industry, making them well-equipped to address the security concerns associated with low-code and no-code development.
The successful seed funding round was led by Acrew Capital, Meron Capital, and Flint Capital. These investors recognize the growing need for specialized security measures for low-code and no-code applications and are confident in Nokod’s ability to fill this niche.
The Security Implications of Low-Code/No-Code Development
The rise of low-code and no-code development has democratized application development, allowing individuals without extensive programming skills to create their own customized apps. While this shift has brought many benefits, it has also introduced security challenges.
Traditional application security approaches often focus on securing code developed by professional programmers. However, with low-code and no-code platforms, the responsibility for security is shared between platform providers, application developers, and the organizations that deploy these applications. Without proper security measures in place, these custom applications could become entry points for cyberattacks.
Reducing Attack Surfaces and Enhancing Security
It is crucial for organizations to address the security risks associated with low-code and no-code development. Implementing comprehensive security measures requires a multi-layered approach.
Firstly, platform providers must ensure that their low-code and no-code tools are built with security in mind. This includes incorporating secure coding practices, regularly updating platforms to address vulnerabilities, and providing guidance on secure application development to users.
Secondly, organizations and developers must receive proper training and education on application security. Understanding the potential risks and following best practices, such as incorporating secure coding practices and regularly assessing applications for vulnerabilities, can help mitigate the security risks associated with low-code and no-code development.
Lastly, specialized security solutions, such as those offered by Nokod Security, can provide an additional layer of protection. These solutions focus on analyzing and securing custom low-code and no-code applications, helping organizations identify and remediate vulnerabilities.
By combining these measures, organizations can reduce attack surfaces and enhance the security of their low-code and no-code applications.
The Future of Low-Code/No-Code Development and Security
The demand for low-code and no-code development is expected to continue growing as organizations seek to streamline their application development processes and empower non-technical users to create their own custom applications.
However, as the adoption of these platforms increases, so does the need for robust security measures. Startups like Nokod Security are poised to play a crucial role in addressing this demand by offering specialized security solutions tailored to the unique challenges of low-code and no-code development.
Furthermore, the advancement of generative AI and tools like ChatGPT introduces new complexities to low-code and no-code development. Ensuring the security of applications built using these technologies will require ongoing innovation and a proactive approach from both the platform providers and the security industry.
As organizations continue to embrace low-code and no-code development, it is essential for them to prioritize application security. By investing in comprehensive security measures, including specialized solutions like those offered by Nokod Security, organizations can empower their users to take advantage of the benefits of low-code and no-code development while minimizing the associated security risks.
Editorial: The Nexus of Accessibility and Security
The emergence of low-code and no-code development represents a significant step towards making application development more accessible to a broader range of individuals. By eliminating the need for extensive coding knowledge, these platforms democratize the process, allowing non-technical users to bring their ideas to life in the form of customized applications.
However, accessibility should not come at the expense of security. While low-code and no-code platforms are built with simplicity in mind, security cannot be an afterthought. The industry must ensure that these platforms provide robust security measures and empower users to build secure applications.
Furthermore, the security community must adapt to the changing landscape and proactively address the unique security challenges posed by low-code and no-code development. By developing specialized solutions, conducting research, and raising awareness, the industry can build a secure ecosystem that enables innovation without compromising security.
Advice for Organizations and Application Developers
For organizations and developers embracing low-code and no-code development, it is crucial to prioritize application security from the beginning.
1. Choose Secure Platforms: When selecting a low-code or no-code platform, consider their commitment to security. Look for platforms that have a track record of regular updates, vulnerability management, and a strong focus on security best practices.
2. Educate Developers: Provide training and education to developers using low-code and no-code platforms. Ensure they understand the potential risks, secure coding practices, and how to assess and address vulnerabilities.
3. Incorporate Secure Coding Practices: Even with intuitive drag-and-drop tools, it is essential to follow secure coding practices. Implementing measures such as input validation, secure authentication, and proper data handling can significantly improve the security of custom applications.
4. Regularly Assess and Remediate: Conduct regular security assessments of applications built using low-code or no-code tools. Identify vulnerabilities and address them promptly to reduce the risk of exploitation.
5. Implement Specialized Security Measures: Consider incorporating specialized security solutions, such as those offered by Nokod Security, to provide an additional layer of protection for low-code or no-code applications. These solutions can offer in-depth analysis and help identify and remediate vulnerabilities specific to these platforms.
By following these recommendations, organizations and developers can strike a balance between accessibility and security, enabling the benefits of low-code and no-code development while ensuring the protection of sensitive data and systems.
<< photo by Miguel Henriques >>
The image is for illustrative purposes only and does not depict the actual situation.
