The State of Enterprise Copilots and Low-Code Development

Enterprises are increasingly adopting AI copilots and low-code platforms, allowing users of all technical backgrounds to build powerful applications. This shift is changing how software is developed, with business users now leading application development. This tectonic shift also results in new challenges that security teams need to be conscious of. 

Unfortunately, traditional, code-scanning AppSec tools lack coverage for business-led development and AI adoption that abstracts code, resulting in a new vector of shadow development.

Over the last year, we have gathered data from many of the world’s largest organizations to see how they are adopting various copilots and low-code development platforms. Our report highlights:

• Organizations use an average of 7 different copilots and low-code platforms, leading to ~80,000 apps per enterprise compared to ~500 SaaS apps at similar orgs.
• The biggest risks stem from business users having the ability to build apps and copilots without needing a coding background and without proper security guardrails in place.
• Risks were directly linked to the OWASP Top 10 for low-code/no-code, with authorization misuse, authentication failures, and data and secrets handling being the top 3 culprits for risk.

Download the report to understand the severity of these risks and gain actionable strategies to secure copilots and low-code app development in your organization.