Nokod Security to Host No-Code Capture the Flag (CTF) Challenge at OWASP Global AppSec 2025

Live competition to expose risks in citizen-developer apps built with no-code platforms

BOULDER, Colo. and TEL AVIV, Israel, Oct. 27, 2025 (GLOBE NEWSWIRE) -- Nokod Security, the leading security company for no-code development, today announced it will host a No-Code Capture the Flag (CTF) hacking contest at the upcoming OWASP 2025 Global AppSec USA conference in Washington, D.C. The live challenge, titled Bob the Breaker: Mission Improbable, invites security professionals, ethical hackers, and citizen developers to test their skills by identifying vulnerabilities hidden inside real-world enterprise applications built by business users on platforms such as Microsoft Power Platform, ServiceNow, Salesforce, and UiPath.

WHAT

As enterprises increasingly empower citizen developers to build apps without coding, they are also creating an unmonitored attack surface. Nokod’s CTF challenges participants to uncover vulnerabilities in citizen-built applications that could be exploited to access sensitive data and systems.

In the storyline, “Bob the Breaker”, a mischievous hacker fueled by pumpkin-spice lattes, has infiltrated enterprise citizen developer apps. Participants must analyze workflows, connectors, and data permissions to stop him before he compromises the organization.

Prizes include a LEGO Star Wars Darth Vader Helmet for the top winner and LEGO Technic Bugatti Bolide Racing Cars for nine runners-up.

WHEN

Friday, November 7, 2025, 10:00 a.m. – 2:00 p.m. ET

WHERE

OWASP 2025 Global AppSec USA, Washington Hilton, Washington, D.C.
https://owasp.glueup.com/event/owasp-2025-global-appsec-usa-washington-dc-131624/

HOW TO PARTICIPATE

To join Bob the Breaker: Mission Improbable, visit https://nokodsecurity.ctfd.io/, and use registration code: PumpkinSpiceBob.

About Nokod Security
Nokod Security is the security company for no-code development. The Nokod Security Platform protects enterprises from security risks introduced by no-code, RPA (robotic process automation) and AI Agent development created in a wide range of platforms, including Microsoft Power Platform, UiPath, ServiceNow, Salesforce, and more. The company’s management team were founders of Imperva and SecuredTouch (now Ping Identity). Nokod has received investments from Acrew Capital, Meron Capital, and Flint Capital. For more information about Nokod, follow us X and LinkedIn. To schedule a demo, visit www.Nokodsecurity.com or contact us at info@Nokodsecurity.com.

Media Contact:
Marc Gendron
Marc Gendron PR for Nokod Security
marc@mgpr.net
+1 617-877-7480

mission-improbable-bob-the-breaker-image

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/2bdae3ac-7841-4aa0-945c-ed0329673e5d

Bob the Breaker

Bob the Breaker is back. Armed with caffeine, charm, and a questionable moral compass, Bob is sneaking into a new no-code enterprise apps. to sniff out secrets, exploit misconfigurations, and claim ultimate hacker glory, one innocent-looking app at a time.

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.