Low-code and no-code tools are making application development more convenient and flexible, but they open up organizations to security flaws. That’s according to a recent survey from Dark Reading.
The Dark Reading 2022 Secure Applications Survey asked 136 IT and cybersecurity decision-makers about the state of application security at their workplace. While the responses showed that companies were paying more attention to application security overall, over half of the organizations (52% overall; see pie chart below) were implementing low-code/no-code in at least parts of their company.
Research firm Gartner predicts that use of low-code/no-code tools will rise from almost 25% of applications in 2020 to 70% in 2025. This is despite the serious security concerns the Open Web Application Security Project (OWASP) raises, including privilege escalation, data leakage, and dependency injection. Of course the security team is aware of these risks, as the Dark Reading survey shows: Only 7%…