Low-code apps have become a reality in the enterprise, with surveys showing that most enterprise apps are now built outside of IT and lacking security practices. Unsurprisingly, attackers have figured out ways to leverage these platforms for their gain. This talk will demonstrate a host of attack techniques found in the wild, where low-code apps are abused during every step in the cyber kill chain.


RSAC 2023 brought together thousands of cybersecurity professionals for four incredible days of expert perspectives, groundbreaking innovation, and best practices. 

Credential Sharing as a Service: The Dark Side of No Code

Conference: RSA Conference 2023

Authors: Michael Bargury

Abstract

Post a comment

Related work

Credential Sharing as a Service: the Dark Side of No Code

Safeguarding UEFI Ecosystem: Firmware Supply Chain is Hard(coded)

Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs