Low code, high stakes: Addressing SQL injection
Reasons include human error, new technologies that lack mature code, and a growing use of open-source code that diminishes control for developers.
It's crucial to remember that low-code/no-code (LCNC) apps and robotic process automations (RPAs) are created by citizen developers rather than professional coders, and that these citizen developers have little or no understanding of the technical factors underpinning risks.
Existing AppSec stacks aren't designed to address LCNC security, and citizen developers rarely receive training to address the risk of SQL injection (SQLi).
As citizen developers turn to LCNC platforms, the frequency and severity of attacks will likely spike.
Despite all these challenges, it's possible to ensure the implementation of secure-by-design principles while allowing citizen developers and automation engineers to use LCNC and RPA tools.
Citizen developers are typically unaware of compliance requirements or how LCNC can introduce risks.