Nokod Security announced the availability of a free discovery and lightweight
attack surface assessment tool for Microsoft Power Platform. Designed to
address the growing challenge of low-code/no-code (LCNC) shadow engineering,
the Nokod Attack
Surface Assessment Tool for Power Platform offers visibility into LCNC assets
created by citizen developers to help security teams know and understand the
scale and presence of security risks.

This latest free offering from Nokod complements two existing LCNC tools that
help detect unused data sources in Microsoft Power BI reports.
They analyze data models to identify columns not used in visualizations, which
could expose sensitive information if reports are overshared internally or
published on the web. In June, Nokod reported a data leakage vulnerability in Power BI, affecting thousands of organizations. Both
tools allow businesses to assess their exposure and mitigate these risks and
are available on GitHub for easy implementation.

As more businesses embrace citizen development, security teams are finding it
difficult to track LCNC activities, understand the scope of potential risks,
and protect sensitive information. The Nokod Attack Surface Assessment Tool for
Power Platform performs scans to discover LCNC assets and provide insights into
security risks associated with them, without the need for full integration into
the Power Platform.

Nokod's tool helps security teams quickly understand the size and scope of the LCNC
attack surface within their organization by discovering all Power Platform
assets and providing insights into potential risks, such as:
- Deleted or Guest Users Developing Apps: Identifies apps created by users no
  longer with the organization, which may pose a security risk.
- Untrusted and Deprecated Connectors: Detects connectors that could introduce
  vulnerabilities or allow unauthorized access.
- Potential Data Leakage in Power BI: Exposes reports with hidden sensitive
  data or unauthorized access to filtered data records that could leak
  sensitive data internally and externally.

"Our new assessment tool allows organizations to quickly see the full scope of LCNC
activity in their environment without deploying and integrating heavy-weight
software," said Amichai Shulman, CTO of Nokod Security. "By providing detailed
insight into the size of the LCNC attack surface and identifying critical
vulnerabilities, we're empowering security teams to address those risks
proactively."

Key Features and Benefits
- Complete Attack Surface Visibility: Provides detailed insights into Power
  Platform development environments, including apps, components, and
  connectors.
- Vulnerability Identification: Identifies potential security risks in Power
  Platform environments, such as apps developed by deleted users, untrusted or
  deprecated connectors, and potential data leakage in Power BI reports.
- Lightweight and External: Unlike tools that require full integration into
  the Power Platform, Nokod's tool runs from a local machine, ensuring a
  lightweight and quick assessment.
- Easy Setup: Users only need to run simple Python commands to execute a scan.