2025-06-21 –, Track 2 (Moody Rm. 101)
No-code automation tools like n8n, Make, and Zapier are the cool new kids on the block, letting anyone build complex workflows without writing a line of code. Great for business folks and security teams who want to automate the boring stuff! But here's the catch, these platforms come with a side of security headaches. We'll dive into how these tools can elevate your security operations game while also showing how attackers can leverage these capabilities. Come see both sides of the no-code coin!
Let’s face it, if you can avoid writing code, why wouldn’t you? That’s the appeal behind the rise of no-code automation platforms. With simple drag-and-drop interfaces, you can create workflows to handle everything from marketing emails to, believe it or not, security operations. Security teams are getting in on the action, using no-code tools to streamline their work without touching Python. Whether you are a red or blue team, you can build powerful security workflows and automate repetitive tasks with ease.
But there's always a catch, right? The same drag-and-drop simplicity that makes these tools amazing also makes them security nightmares when implemented poorly.
Through live demos, we'll showcase some cool security workflows you can build with these tools. No super-specific examples here (we're still cooking those up), but you'll see real automation in action.
You'll walk away with practical tips to secure your automation platforms while still enjoying their benefits. Because let's be honest, no-code tools aren't going anywhere, so we might as well make friends with them.
Information Security Manager at AMD with over a decade in experience in offensive security.
Rob Kraus is the Founder & CEO of Vulnerex, LLC, providing expert penetration testing and offensive security services. With 20+ years in cybersecurity, Rob previously led Offensive Cyber Operations at Evolve Security and served as Senior Director at NTT's Global Threat Intelligence Center. He's co-authored two cybersecurity books, reported 20+ CVEs, and holds an MBA, BSIT in Software Development, and industry certifications including CISSP and CEH.