StockNews.AI
MSFT
StockNews.AI
92 days

Nokod Security to Host Capture the Flag Competition and Demonstrate Microsoft Power BI Vulnerability at OWASP Global AppSec EU 2025

1. Nokod Security to host CTF competition exposing risks in no-code apps. 2. Power BI vulnerabilities may allow unauthorized access via API manipulation. 3. PBAnalyzer tool helps identify data oversharing in Power BI reports. 4. DAX Injection attack technique potentially leads to external data leakage. 5. Security insights can enhance Power BI's reputation among enterprises.

4m saved
Insight
Article

FAQ

Why Bearish?

Concerns over Power BI vulnerabilities could affect customer trust, similar to past data breaches.

How important is it?

Increased scrutiny on Power BI could impact user confidence, affecting MSFT's business.

Why Short Term?

Immediate attention from enterprises may affect Power BI usage in the near term.

Related Companies

GOOGCRMADBE
- Live hacking challenge and groundbreaking security session to highlight hidden risks in no-code apps and automations NEW YORK & TEL AVIV, Israel--(BUSINESS WIRE)--Nokod Security, the security company for no-code application development, today announced it will host a no-code Capture the Flag (CTF) hacking competition in collaboration with OWASP at Global AppSec EU 2025 in Barcelona. In addition, Nokod Senior Security Researcher Uriya Elkayam will present a session that exposes data leakage vulnerabilities affecting Power BI reports.Attendees can compete in a live event to uncover vulnerabilities in no-code apps that expose sensitive data. All players who successfully complete the challenge will be entered to win prizes, including a DJI NEO Mini Drone and 9 JBL GO 4 speakers.Share WHO: Nokod Security helps enterprises secure their no-code application development environments. WHAT: No-Code Capture the Flag (CTF) Competition Security researchers will compete in a live event to uncover vulnerabilities in no-code apps that expose sensitive data. All players who successfully complete the challenge will be entered to win prizes, including a DJI NEO Mini Drone and 9 JBL GO 4 speakers. Conference Session: To BI or Not to BI? Data Leakage Tragedies with Power BI Reports In this session, Uriya Elkayam will demonstrate how a vulnerability in Microsoft Fabric (Power BI) can allow unauthorized data access via API manipulation, especially in publicly shared reports. He will present PBAnalyzer, an open-source tool developed by Nokod Security, which helps organizations identify data oversharing in widely shared Power BI reports. He will also unveil a new attack technique called DAX Injection, which exploits Power BI queries through Power Automate flows. This attack could potentially lead to external data leakage. The session will conclude with actionable steps for securing Power BI environments. WHEN & WHERE: No-Code CTF Competition Live Event: Friday, May 30 10:00 am - 2:00 pm Room: 118 Location: OWASP 2025 Global AppSec, Fira Barcelona Conference Center Conference Session To BI or Not to BI? Data Leakage Tragedies with Power BI Reports Thursday, May 29, 2025, 3:30 pm – 4:15 pm CET Room 113, Fira Barcelona Conference Center HOW: To schedule a conversation with Nokod Security about no-code and BI platform security contact Marc Gendron at marc@mgpr.net or +1 617.877.7480. About Nokod Security Nokod Security is the security company for no-code application development. The Nokod Security Platform protects enterprises from risks introduced by no-code applications across Microsoft Power Platform, UiPath, Salesforce, ServiceNow, and more. Founded by cybersecurity veterans from Imperva and SecuredTouch (now Ping Identity), Nokod is backed by Acrew Capital, Meron Capital, and Flint Capital. Learn more at www.nokodsecurity.com or follow us on X and LinkedIn. More News From Nokod Security

Related News