In many ways, managing security for citizen-developer apps is like flying several planes built by different manufacturers all at once. That’s because each no-code development platform uses separate dashboards, controls, policy engines, etc. Microsoft Power Platform measures altitude in feet, ServiceNow in meters, Salesforce reports it in knots, and UiPath wants to automate the landing itself. None of them speaks the same language. With multiple departments in the same organization building their own automations, workflows, and apps using these platforms, what begins as a way to accelerate business innovation can quickly introduce a tangle of complex governance challenges for security…
Yair Finzi
Yair Finzi
Yair Finzi, co-founder & CEO of Nokod Security is a technology entrepreneur with more than 15 years of experience in cybersecurity. Prior to Nokod Security, he co-founded SecuredTouch and served as its CEO until the company’s acquisition by Ping Identity. Later, Yair served as a product leader at Meta, focusing on its global app for crowdsourcing. He started his career in the Israel Defense Force's (IDF) elite cybersecurity unit and eventually became a head of department at the Intelligence Corps.
Thanks to no-code tools, citizen application development platforms (CADPs) are ushering in a new era where business units are no longer waiting in IT backlogs for application support—they’re building their own. Employees without coding skills are creating business applications, workflow automations, and integrations with a few clicks. According to Gartner, citizen developers will contribute up to 70% of digital initiatives by 2029, up from just 10% in 2025. While this represents a major advance in how enterprises innovate, it also introduces a new problem: enabling decentralized app creation without subjecting the organization to unintended security risk. The Double-Edged Sword of…