Zenity strives to keep no-code/low-code apps secure

So many companies are using low-code and no-code tools these days to create apps and workflows. These tools are by design likely in the hands of non-technical end users, but the problem is that these folks might not know about basic rules around security and governance.

Zenity, an early-stage Israeli startup, has created a solution to help keep these applications secure. Today they announced a $16.5 million Series A investment to continue building the company.

Ben Kliger and his co-founder Michael Bargury recognized that this ability to create applications quickly was potentially a double-edged sword. While these tools put developing applications in reach of any business user, that can come with its own set of problems.

“Anyone can be a developer today, and so these technologies are beautiful. They empower people to be more productive, to create new solutions for themselves, for their peers, and of course for their organizations. But the other side of these beautiful technologies is that those people are not tech savvy. They're also not security savvy,” Kliger told TechCrunch.

That can cause big issues for companies. Zenity’s goal is giving the security organization and application security teams inside a company more visibility into these new applications without stifling the capabilities of the users building those applications. Bargury says there’s really not much difference when it comes to securing an app, whether it was created by a professional developer or a business user, but there’s been a lack of tooling for the latter.

“It doesn't matter who created the application or what the process was to create it. It still has identity, touches data and authenticates users. There's a bunch of things that could go wrong about the logic of an application. And so we have to think about this. So the same kind of problems that we've solved, or tried to solve, in application security for things that developers are building, we now have to solve again for business users,” Bargury said.

Zenity connects to the no-code/low-code tools via APIs, and pulls in metadata and other information about the programs being created and it looks for security issues and warns the security teams via a centralized dashboard when it finds something like exposed data or mishandled identity. The teams can fix these problems, and use them as teachable moments for the citizen developers, they can automate the fixes or they can send it back to the developers to fix, depending on the organization’s approach and requirements.

Zenity no code/low code applications security dashboard.
Zenity no code/low code applications security dashboard.

Image Credits: Zenity

The two founders became friends while working at Microsoft, and saw this problem with a large client that was making extensive use of no-code tools. They decided to start a company together and launched Zenity in 2021. The product is generally available, and while they aren’t sharing customer numbers just yet, they’ve built the company from just the two founders to 25 people today, and are continuing to hire with the new funding.

Today’s $16.5 million round was led by Intel Capital with participation from existing investors Vertex Ventures and UpWest, as well as new investors from Gefen Capital and B5. Under the terms of the agreement, Yoni Greifman, investment director at Intel Capital, will be joining the startup’s board of directors.