You Are Doing it Wrong - On Vulnerabilities in Low Code Development Platforms

Lourenço, Miguel; Espinha Gasiba, Tiago; Pinto-Albuquerque, Maria

Home // CYBER 2023, The Eighth International Conference on Cyber-Technologies and Cyber-Systems // View article

You Are Doing it Wrong - On Vulnerabilities in Low Code Development Platforms

Authors:
Miguel Lourenço
Tiago Espinha Gasiba
Maria Pinto-Albuquerque

Keywords: low code; software development; web applications; cybersecurity; industry; low code development platforms; vulnerabilities.

Abstract:
Low-Code Development Platforms (LCDPs) are gaining more and more traction, even in the industrial context, as a means for anyone with less coding experience to develop and deploy applications. However, little is known about the vulnerabilities resulting from this new software development model. This paper aims to understand vulnerabilities in applications developed and deployed on these platforms. We show that these vulnerabilities can be considered from three perspectives: platform, developer, and plugins. We determine the top three vulnerabilities for each perspective based on a review of the literature and expert interviews. Our results contribute to understanding LCDP applications' security and raise awareness of industry practitioners by providing typical LCDP security pitfalls.

Pages: 12 to 18

Copyright: Copyright (c) IARIA, 2023

Publication date: September 25, 2023

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-68558-113-8

Location: Porto, Portugal

Dates: from September 25, 2023 to September 29, 2023