Nokod Security wins recognition in the Emerging Technology category for tackling one of the fastest-growing and least governed enterprise attack surfaces: no-code applications, business-built automations and AI agents operating outside traditional software development and application security controls.
Founded in 2023, the company positions itself at the intersection of citizen development, automation sprawl and AI governance, arguing that enterprises are increasingly exposed to security risks created by business users building applications and workflows without oversight from central security or AppSec teams. As organisations accelerate adoption of platforms such as Microsoft Power Platform, Copilot Studio, Salesforce, ServiceNow and UiPath, Nokod says visibility into these environments has become a major operational and security challenge.
Its runtime security platform is designed to continuously discover no-code applications, workflows, automations and AI agents across enterprise environments, map ownership, inspect business logic and connector configurations, and monitor behaviour for signs of risk or misuse. The company focuses particularly on threats such as excessive permissions, hidden data flows, connector abuse, agent chaining and logic drift — issues it argues are often missed by traditional build-time security approaches.
Rather than relying on conventional AppSec models tied to the software development lifecycle, Nokod positions its platform around runtime governance and continuous monitoring of business-built logic and AI-driven automation. The company combines behavioural analytics with least-privilege enforcement to identify and reduce exposure across increasingly decentralised enterprise application ecosystems.
A key part of the company’s pitch is operational simplicity. Nokod highlights its SaaS-based, agentless and API-driven architecture as enabling rapid deployment, low total cost of ownership and automatic updates without requiring extensive infrastructure changes or endpoint agents. The company says this approach allows enterprises to quickly gain visibility into sprawling estates of no-code applications and AI-powered workflows that may otherwise operate outside formal governance processes.
The company's technology has been adopted across Fortune 500 organisations spanning financial services, payments, healthcare, energy and technology sectors. Customers reportedly value the platform’s ability to deliver immediate visibility, actionable remediation guidance and scalable governance for large numbers of business-created applications and automations.
Judges described Nokod Security as one of the standout entries in the category and a textbook example of an emerging cybersecurity technology aligned to future enterprise risk trends. The panel praised the company for identifying and addressing a rapidly expanding attack surface that many organisations are only beginning to recognise.
“Nokod Security was recognised as a category-defining winner for pioneering runtime security for the fast-growing no-code and AI agent attack surface.”
The judging panel highlighted Nokod’s shift away from traditional build-time application security toward runtime governance of business-built workflows and AI-driven logic as both innovative and increasingly necessary. Judges specifically pointed to the platform’s ability to address risks associated with connector misuse, agent chaining, hidden data flows and logic drift — areas they say remain largely underserved by existing security tools.
Judges further cite strong early enterprise traction as evidence of market demand, including a reported deployment securing 30,000 applications across 180,000 users. The panel ultimately described Nokod as a genuine pioneer in securing citizen development and AI-assisted enterprise software, positioning the company at the forefront of an emerging and increasingly critical area of enterprise cybersecurity.
Kelley Damore is Chief Content Officer at CyberRisk Alliance, where she leads content strategy across the company’s digital brands, research, communities and live events serving CISOs and security practitioners. At CyberRisk Alliance, she is focused on delivering 365-day engagement, trusted journalism and actionable insights to help security leaders navigate an increasingly complex threat landscape.
Kelley Damore is Chief Content Officer at CyberRisk Alliance, where she leads content strategy across the company’s digital brands, research, communities and live events serving CISOs and security practitioners. At CyberRisk Alliance, she is focused on delivering 365-day engagement, trusted journalism and actionable insights to help security leaders navigate an increasingly complex threat landscape.
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
