CIO Influence
Analytics CIO Influence News Data Management Security

Nokod Security Unveils Free Attack Surface Assessment Tool for Microsoft Power Platform

Nokod Security Unveils Free Attack Surface Assessment Tool for Microsoft Power Platform

Lightweight, easy-to-setup open-source program provides security teams with visibility into Power Platform assets and its attack surface

Nokod Security, the security company for low-code/no-code (LCNC) application development, today announced the availability of a free discovery and lightweight attack surface assessment tool for Microsoft Power Platform. Designed to address the growing challenge of LCNC shadow engineering, the Nokod Attack Surface Assessment Tool for Power Platform offers visibility into LCNC assets created by citizen developers to help security teams know and understand the scale and presence of security risks.

Also Read: Tonaquint Appoints Jim Buie as Chief Executive Officer

“By providing detailed insight into the size of the LCNC attack surface and identifying critical vulnerabilities, we’re empowering security teams to address those risks proactively.”

This latest free offering from Nokod complements two existing LCNC tools that help detect unused data sources in Microsoft Power BI reports. They analyze data models to identify columns not used in visualizations, which could expose sensitive information if reports are overshared internally or published on the web. In June, Nokod reported a data leakage vulnerability in Power BI, affecting thousands of organizations. Both tools allow businesses to assess their exposure and mitigate these risks and are available on GitHub for easy implementation.

As more businesses embrace citizen development, security teams are finding it difficult to track LCNC activities, understand the scope of potential risks, and protect sensitive information. The Nokod Attack Surface Assessment Tool for Power Platform performs scans to discover LCNC assets and provide insights into security risks associated with them, without the need for full integration into the Power Platform.

Nokod’s tool helps security teams quickly understand the size and scope of the LCNC attack surface within their organization by discovering all Power Platform assets and providing insights into potential risks, such as:

  • Deleted or Guest Users Developing Apps: Identifies apps created by users no longer with the organization, which may pose a security risk.
  • Untrusted and Deprecated Connectors: Detects connectors that could introduce vulnerabilities or allow unauthorized access.
  • Potential Data Leakage in Power BI: Exposes reports with hidden sensitive data or unauthorized access to filtered data records that could leak sensitive data internally and externally.

“Our new assessment tool allows organizations to quickly see the full scope of LCNC activity in their environment without deploying and integrating heavy-weight software,” said Amichai Shulman, CTO of Nokod Security. “By providing detailed insight into the size of the LCNC attack surface and identifying critical vulnerabilities, we’re empowering security teams to address those risks proactively.”

Key Features and Benefits

  • Complete Attack Surface Visibility: Provides detailed insights into Power Platform development environments, including apps, components, and connectors.
  • Vulnerability Identification: Identifies potential security risks in Power Platform environments, such as apps developed by deleted users, untrusted or deprecated connectors, and potential data leakage in Power BI reports.
  • Lightweight and External: Unlike tools that require full integration into the Power Platform, Nokod’s tool runs from a local machine, ensuring a lightweight and quick assessment.
  • Easy Setup: Users only need to run simple Python commands to execute a scan.

Also Read: Buried in Alerts: Three Reasons Legacy Threat Detection and Response Tools are Failing SOC Teams

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]

Related posts

Valyant Enters into Settlement Agreement with Hi Auto and kea to Resolve Patent Litigation

GlobeNewswire

WekaIO Expands AI Storage Solutions in EMEA

CIO Influence News Desk

Domino Data Lab Appoints Data Science Leader John Kahan to Strategic Board Advisor Role