Low-code/no-code (LCNC) and robotic process automation (RPA) platforms, popular for enabling “citizen developers” to create apps easily, have expanded organizational attack surfaces, often beyond the view of security teams. This “shadow engineering” introduces unchecked code, increasing cybersecurity risks.
Gartner’s Continuous Threat Exposure Management (CTEM) framework, which involves ongoing threat assessment across five stages — scoping, discovery, prioritization, validation, and mobilization — can help organizations manage these risks. By integrating LCNC apps and RPAs into CTEM, companies can identify, prioritize, and address vulnerabilities, ensuring continuous security oversight.
As LCNC app development evolves, it’s crucial to recognize that CTEM is an ongoing process. By adhering to these best practices, CISOs can effectively address the security risks associated with LCNC apps and RPAs through a comprehensive CTEM program.
Learn how CTEM applies to LCNC and RPA—click here.
Get connected to our insights
