Nokod Security to Host Capture the Flag Competition and Demonstrate Microsoft Power BI Vulnerability at OWASP Global AppSec EU 2025

Live hacking challenge and groundbreaking security session to highlight hidden risks in no-code apps and automations

NEW YORK & TEL AVIV, Israel–(BUSINESS WIRE)–#RPAsecurity—Nokod Security, the security company for no-code application development, today announced it will host a no-code Capture the Flag (CTF) hacking competition in collaboration with OWASP at Global AppSec EU 2025 in Barcelona. In addition, Nokod Senior Security Researcher Uriya Elkayam will present a session that exposes data leakage vulnerabilities affecting Power BI reports.

WHO: Nokod Security helps enterprises secure their no-code application development environments.

WHAT:

No-Code Capture the Flag (CTF) Competition

Security researchers will compete in a live event to uncover vulnerabilities in no-code apps that expose sensitive data. All players who successfully complete the challenge will be entered to win prizes, including a DJI NEO Mini Drone and 9 JBL GO 4 speakers.

Conference Session: To BI or Not to BI? Data Leakage Tragedies with Power BI Reports

In this session, Uriya Elkayam will demonstrate how a vulnerability in Microsoft Fabric (Power BI) can allow unauthorized data access via API manipulation, especially in publicly shared reports. He will present PBAnalyzer, an open-source tool developed by Nokod Security, which helps organizations identify data oversharing in widely shared Power BI reports. He will also unveil a new attack technique called DAX Injection, which exploits Power BI queries through Power Automate flows. This attack could potentially lead to external data leakage. The session will conclude with actionable steps for securing Power BI environments.

WHEN & WHERE:

No-Code CTF Competition

Live Event: Friday, May 30
10:00 am – 2:00 pm
Room: 118
Location: OWASP 2025 Global AppSec, Fira Barcelona Conference Center

Conference Session

To BI or Not to BI? Data Leakage Tragedies with Power BI Reports
Thursday, May 29, 2025, 3:30 pm – 4:15 pm CET
Room 113, Fira Barcelona Conference Center

HOW: To schedule a conversation with Nokod Security about no-code and BI platform security contact Marc Gendron at [email protected] or +1 617.877.7480.

About Nokod Security

Nokod Security is the security company for no-code application development. The Nokod Security Platform protects enterprises from risks introduced by no-code applications across Microsoft Power Platform, UiPath, Salesforce, ServiceNow, and more. Founded by cybersecurity veterans from Imperva and SecuredTouch (now Ping Identity), Nokod is backed by Acrew Capital, Meron Capital, and Flint Capital. Learn more at www.nokodsecurity.com or follow us on X and LinkedIn.

Contacts

Media Contact:
Marc Gendron

Marc Gendron PR for Nokod Security

[email protected]
+1 617-877-7480

More New Jersey Cannabis Workers Vote to Unionize With UFCW Local 360

Signios Bio and Illumina Announce Grant to Maximize Discovery Power with Industry’s Largest NGS-Based Proteomics Panel

Franklin BSP Capital Corporation Announces Second Quarter 2025 Regular and Special Common Stock Distribution of $0.33 Per Share

U.S. FDA Grants Approval for Jivi® Antihemophilic Factor (Recombinant), PEGylated-aucl in Pediatric Patients 7 to Under 12 Years of Age With Hemophilia A (Congenital Factor VIII Deficiency)

PTIX Stock Alert: Halper Sadeh LLC Is Investigating Whether the Merger of Protagenic Therapeutics, Inc. Is Fair to Shareholders