Nokod Security, a leading cybersecurity company specializing in securing no-code application development, has announced two major activities for OWASP Global AppSec EU 2025 in Barcelona. The company will host a no-code Capture the Flag (CTF) hacking competition and present a session on critical Power BI data leakage vulnerabilities.
Event Overview
No-Code Capture the Flag (CTF) Competition
In collaboration with OWASP, Nokod Security is hosting the industry’s first CTF focused exclusively on vulnerabilities in no-code applications. Participants will compete live to uncover flaws that can expose sensitive data in no-code platforms.
- Date: Friday, May 30, 2025
- Time: 10:00 am – 2:00 pm CET
- Location: Room 118, Fira Barcelona Conference Center
Prizes:
Participants who successfully complete the challenge will be entered into a prize draw to win a DJI NEO Mini Drone and nine JBL GO 4 speakers.
Featured Session: To BI or Not to BI? Data Leakage Tragedies with Power BI Reports
Presented by Uriya Elkayam, Senior Security Researcher at Nokod Security, this talk reveals major vulnerabilities in Power BI reports that can lead to unauthorized data access through API manipulation.
Highlights:
- PBAnalyzer: Introduction to Nokod’s open-source tool that detects overshared data in Power BI reports.
- DAX Injection: A newly disclosed attack vector where Power Automate flows are exploited to inject malicious DAX queries, risking external data leakage.
- Actionable Guidance: Steps to secure and monitor Power BI environments against data exposure.
- Date: Thursday, May 29, 2025
- Time: 3:30 pm – 4:15 pm CET
- Location: Room 113, Fira Barcelona Conference Center
Why It Matters
As no-code development grows across enterprises, so do the associated security risks. Nokod Security’s participation at OWASP Global AppSec EU 2025 underscores the urgent need for specialized protection strategies in both no-code platforms and widely adopted tools like Power BI.
Nokod Security continues to innovate at the intersection of no-code development and cybersecurity. From pioneering Capture the Flag events to uncovering novel vulnerabilities in enterprise tools, Nokod is leading the way in securing the future of business applications.
