By Jordan Bonagura
Technologies such as Low-Code/No-Code (LCNC) and Robotic Process Automation (RPA) have become fundamental in the digital transformation of companies. They continue to evolve and redefine software development, providing new possibilities for organizations of all sizes and sectors. These tools allow users with little or no programming experience (citizen developers) to create applications and automate processes, simplifying complex tasks and optimizing business operations.
Application platforms for these technologies (LCNC and RPA) offer intuitive visual interfaces. These allow anyone, from a business professional to an IT employee, to develop customized applications and to automate repetitive processes quickly and efficiently. This frees up operational teams to focus on more strategic value tasks.
Despite their advantages, the use of LCNC and RPA technologies has challenges, especially regarding information security. These platforms, which aim to simplify and speed up development, can introduce risks related to controlling and protecting corporate data. The agility these tools provide tends to reduce development time and costs compared to traditional models significantly. However, the lack of centralized control, especially in environments where non-technical teams are free to create applications, can generate vulnerabilities and ultimately lead to higher costs.
After conducting several penetration tests and risk assessments in environments using LCNC, RPA, or other forms of automation, I thought it crucial to offer more detailed security considerations for these technologies. Companies must understand the potential risks and impacts that adopting these solutions can bring, ensuring that the benefits of automation do not compromise security and regulatory compliance.
A common....
Author
-
Senior Security Consultant at Secure Ideas.
With more than 20 years of experience in information security, Jordan is passionate about helping companies and clients protect their data and applications from threats and vulnerabilities. As a Principal Security Researcher, he led teams conducting vulnerability management, risk assessments, penetration tests, and boundary-setting to comply with standards for companies in different segments.
Bonagura contributed to significant projects, such as developing an integrated GNSS positioning system and an encryption communication protocol between ground and satellite at the Brazilian National Institute of Space Research. He also had the opportunity to speak at some of the most important security conferences around the globe, be a college professor and course coordinator, and consult for the Brazilian police in crime solving.
LinkedIn: https://www.linkedin.com/in/jordan-bonagura
Secure Ideas: https://www.secureideas.com
Latest Articles
NewOctober 31, 2024Passive and Active Reconnaissance in Cybersecurity OSINT- NewOctober 31, 2024The Power of OSINT in Cyber Threat Intelligence
- NewOctober 31, 2024Uncovering Hidden Domains: A Guide to Subdomain Enumeration
- NewOctober 31, 2024OSINT in the Cloud: Techniques for Gathering Intelligence on Cloud Storage Services
