Talk Intro 14:30 - 15:30 August 13, 2022

Inaae Kim

No-code application platforms emerged a few years ago. They are a very attractive platform to many business organizations because they use modular and pre-built configurations for quick and efficient software development and delivery without writing code. Secure code review is one of the major processes to identify security weaknesses early in the SDLC and prevents potential vulnerabilities when the application is released in production. If there is no code in your software development, what are application security engineers reviewing in the application? In this talk, I’ll talk about your security concerns in no-code application development platforms including the OWASP top 10 no-code security risks, and provide tips to mitigate risks from no-code development. I’ll also introduce a new security review process for no-code software development to reduce security risks. At the end of the talk, I will demonstrate how to conduct security reviews of no-code applications. This talk is helpful for application security engineers whose organizations are considering or already using no-code platforms and anyone who wants to know how to incorporate security into no-code applications.

Inaae Kim

Unqork

Inaae Kim is a security engineer at Unqork. She has a unique background as both a security engineer and a software engineer. She specializes in building security into the software development life cycle and seeks for proactive security approach.