2022: Zenity’s Tale of Diligence and Growth

Emerging from Stealth to the Heart of Enterprises

2022 was a momentous year in many ways. One of the most significant shifts of 2022 is so substantial – and so successful – that many businesses are already taking it for granted. Low-code/no-code (LCNC) is here to stay!

As we predicted early this year, 2022 was the year that LCNC became almost taken for granted, a ubiquitous and empowering trend across businesses. In small, medium, large and perhaps most especially enterprise companies, LCNC has taken off to such an extent that many departments already have trouble imagining what they would do without it. 

In the Information Age, technology creation is no longer the exclusive province of professional developers. Apps, services and programs can all be created by business professionals of any description, in any role – with LCNC. It’s vastly streamlining a myriad of business use cases in companies all over the world.

No longer just an interesting tech trend, LCNC development in platforms like Microsoft Power Platform, Salesforce, ServiceNow, Workato and many others is now so dominant that it’s assumed that all major SaaS platforms will empower its users through LCNC – much like the evolution of cloud computing, a decade or so ago.

Zenity has been there throughout 2022 to help companies that leverage LCNC platforms do so securely. Attracted by Zenity’s advanced observability, risk assessment and governance controls, companies from diverse verticals including financial services, healthcare, pharma and software development are turning to Zenity to promote citizen development risk free.

We have so much more work ahead of us, and we are still just at the beginning of our journey, but we can also be extremely proud of our work and celebrate what we have accomplished thus far. Here is a glimpse into some of the things that kept us busy during 2022:

• Grew our team and supporting disciplines. Our team consists of excellent, unique and diverse people, and we are so proud of each and every one of them!
• Took over the stage in some of the world’s largest security conferences, including two fully packed sessions at Defcon 2022, and an exciting session at OWASP global app-sec in SF.
• Introduced Zenity to the world and met prospects and business partners at 3 significant conferences: RSA conference, Blackhat and Microsoft Power Platform conference. 
• Significantly expanded our solution coverage and use cases through many major release versions.
• Continued to collaborate through close, meaningful relationships with our existing customers, supporting more of their use cases to better control LCNC development.
• Completed SOC2 Type 2 certification, and are GDPR ready. Visit the Zenity trust center to learn more.
• Onboarded more Fortune 500 and global enterprise companies from multiple verticals to the Zenity solution, helping them to securely enable and promote citizen development.
• Sponsored the first ever publication of OWASP top 10 Low-Code/No-Code Security Risks
• Continuously released thought leadership and supportive content, such as our Security Governance Framework for Low-code/No-code Development 

With Great Power Comes Great Responsibility

According to Gartner, “by 2025, 70% of all application development will be done with low-code/no-code platforms, and 66% of large firms will be using at least four different low-code application building platforms.”

Enabling Citizen Development

Giving business professionals the ability to build what they need themselves is far more efficient, scales better, and means the company can be agile in reacting to changing circumstances.

But as with all exciting developments, there’s an unintended consequence. Forrester Research has predicted that in 2023, LCNC use will cause a headline data breach at a major enterprise. 

It’s easy to trace the connection between Gartner’s analysis of the popularity of LCNC and Forrester’s sobering prediction. The more citizen developers – with deep access to their company’s data, platforms and processes – are able to create their own applications and automations, and the like to fit their own needs, the greater the security risks.

Business professionals are simply not aware of the serious security risks in apparently harmless actions, made easy and intuitive through LCNC interfaces. Nor should they be expected to understand or apply application security best practices. Good intentions are, however, not sufficient protection. And their activities, unlike those of their professional developer counterparts, are not extensively monitored and protected by in-depth cybersecurity policies and procedures that have evolved best practices over decades.

All this is without even talking about the dangers posed by malicious insiders for whom LCNC platforms are a crown jewel to target, as those developments are typically not protected or monitored unless Zenity is in place, making them a significant vulnerability.

LCNC has been a tremendously beneficial technological revolution and we are big believers in its promise – bringing people from diverse backgrounds and skills closer to technology, allowing everyone to become professionals in an agile, cutting edge framework. But we agree with Forrester that for organizations that aren’t taking the security risks seriously, and taking steps to mitigate them effectively, 2023 is going to be a harsh wakeup call.

2023: Building Strong, But Responsibly

LCNC is already embedded in business’ structures and processes. In 2022, companies saw all the advantages that brings, and plenty of enterprises also started putting processes in place and using Zenity to gain better visibility and control. With 2023 about to start, we are ready to assist the organizations that will wake up to the risks that come with LCNC this year as well. In some cases, the realization is going to be a shock – potentially, a very serious one.

For forward-thinking security teams, on the other hand, 2023 will be the year they get ahead of the dangers of uncontrolled LCNC development and enable their company to truly get the best of both worlds; agile citizen development hand in hand with powerful security protection.

Zenity is ready to bring security teams closer to the needs of the business with the ability to unleash citizen development and ensure LCNC development follows the security standards and practices that are already in place for professional developers. With Zenity, security teams can set policies, put guardrails in place, have full oversight into security risks and how to resolve them, and enjoy mature governance insights and processes – all without hampering the exciting and organic evolution of citizen development in their company.