Software Improvement Group (SIG) is pleased to have provided its expertise in a new report released by Forrester Research, Inc, Don’t Ignore Security In Low-Code Development. In the report, Forrester analysts Sandy Carielli and John Bratincevic provide security professionals with guidelines to create secure development policies for low-code developers and applications.
One such guideline encourages security professionals to understand where the security “guardrails” of their chosen platform end – and which requirements they must then address and own themselves. Carielli and Bratincevic point out that security controls vary from one platform to another, and that new risks can be introduced by custom code extensions, third-party components, and the ability for developers to modify generated code.
The report includes a quote from Rob van der Veer, Principal Consultant, Security & Privacy, at SIG:
“Appreciate the fact that these platforms allow other ways to develop software … [but] there are many ways to build functionality in other languages and get around the platform.”
The full report is available for purchase and to Forrester subscribers here.
Learn how SIG can help your organization measure, manage, and secure low-code applications here.