A recent LastPass breach has once again raised concerns about password managers’ security, especially commercial password managers with cloud infrastructure. The breach led to hackers gaining access to both code and data. This time on Dark Reading, I describe how I became a proponent of secret managers and LastPass, my chosen password manager, and how I helped my family and colleagues to do the same.

Low-code and no-code technologies are being embraced across the world, but there’s one LCNC platform that stands out, with significant growth and enterprise adoption – and that’s Microsoft’s Power Platform.

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I share new Microsoft Power Platform DLP Bypass findings we uncovered.

2022 was a momentous year in many ways. One of the most significant shifts of 2022 is so substantial – and so successful – that many businesses are already taking it for granted. Low-code/no-code (LCNC) is here to stay! As we predicted early this year, 2022 was the year that LCNC became almost taken for granted, a ubiquitous and empowering trend across businesses.

Security of our platform and customer data has always been a core focus at Zenity and a north star that we continue to follow, and today we’re excited to announce that we are now SOC 2 Type II certified. This certification demonstrates Zenity’s commitment to ensuring the security of our systems and the data of our customers and partners.

International Data Corporation (IDC) published its annual Innovators report last Friday, November 18th and named Zenity as one of the top five innovative vendors offering a unique PaaS (Platform as a Service) solution that developers are using to accelerate their application development and deployment processes.

To understand this headline better we need to have a better understanding of the traditional ways we think about Software-as-a-Service (SaaS) platforms and public cloud platforms. The difference lies in the starting point of these two solutions, while SaaS started as an extension of the corporate network, the public cloud started as an extension of the data center.

In the middle of March 2022, Zenity research team discovered a sandbox-escape vulnerability in Code by Zapier, a service used by Zapier to execute custom code as part of a Zap. Exploiting this vulnerability, any user could take full control over the execution environment of their entire account allowing them to manipulate results and steal sensitive data. For example, a Zapier user could take control over the admin’s custom code execution environment.

Software-as-a-Service (SaaS) applications are built on the premise of streamlining business practices to improve productivity. Microsoft 365, Salesforce, and similar SaaS platforms commonly integrate automation tools that allow business users to develop the tools that they need to do their jobs. The latest iteration of this is the integration of low-code/no-code platforms into these SaaS solutions.

When it comes to cybersecurity, businesses typically want to assume that every user is a special snowflake. The premise that each user has a unique identity, and that cybersecurity teams can manage access permissions and identify anomalous activity based on that identity, is a cornerstone of modern security operations.