Cycode

"You cannot scale manual security processes to match AI-enabled development velocity." That is the reality Jamie Dicken is navigating as the Director of Security Platforms at GitLab. Instead of adding more checkpoints that slow down the business, her team focuses on building "Golden Paths" that make the secure way the default way for every developer. The security engineer of 2026 is not a manual reviewer. They are orchestrators. Jamie Dicken and other product security leaders explain how to make that shift in our 2026 All-Stars report. → Read the report: https://lnkd.in/g3fVgvFT #ProductSecurity #AllStars2026 #Cycode

The SDLC is increasingly autonomous. Human-led triage can't keep pace, and more tools won't close the gap. Security needs a new operating model. On May 20, our 2026 Product Security All-Stars from Schneider Electric, Life360 and Ciena join us for an exclusive panel: 𝗧𝗵𝗲 𝟮𝟬𝟮𝟳 𝗛𝗼𝗿𝗶𝘇𝗼𝗻: 𝗔𝗜 𝗚𝗼𝘃𝗲𝗿𝗻𝗮𝗻𝗰𝗲 𝗮𝗻𝗱 𝘁𝗵𝗲 𝗔𝗴𝗲𝗻𝘁𝗶𝗰 𝗦𝗗𝗟𝗖 What you'll take away: → Scalable governance frameworks beyond vulnerability counts → The silent supply chain threats traditional scanners miss → The shift from manual triage to automated remediation, with AI as a trusted teammate On-demand release: May 20 at 1:00 PM ET. Reserve your seat: https://shorturl.at/4Ndc7 #ProductSecurity #AgenticSDLC #AIGovernance #Cycode Priya Balasubramaniam Nikola Dalcekovic Chase Pettet Amir Kazemi

AI governance is meaningless if it only exists on paper. In this clip, Rinki Sethi (Chief Security and Strategy Officer at Upwind Security) highlights a major red flag for modern organizations. Many companies have AI committees and policy standards, but they cannot demonstrate how those policies show up technically in their real environments. If you cannot identify which models are running, what data they touch, or how outputs are validated, your organization is already behind. Real security requires moving past policy and into actual implementation. Catch the full session and all the insights from our Product Security Summit in the recap blog. Read the full recap here: https://lnkd.in/eZ2Y-BwV #ApplicationSecurity #ProductSecurity #AI #AIGovernance #CISO #CyberSecurity #TechStrategy

This month a team using CIMON in Prevent Mode blocked malicious axios packages at runtime, before credentials left the build runner. The upstream controls missed it. The runtime layer caught it. CIMON is Cycode's open source, completely free runtime security tool for CI/CD pipelines. One more layer in your defense in depth stack. If your pipeline stops at the scanner, you have a gap. https://cimon.build

Security isn't an afterthought. It’s part of the product DNA. 🧬 For Priya Balasubramaniam, Head of Innovation Center, Product & Application Security at Ciena, true security isn't about the final "check." It’s about building a foundation where applications adhere to strong security standards by default. In our 2026 Product Security All-Stars report, Priya discusses: - Why boards need to look beyond CVE counts to find "blind spots" like malicious code. - The shift from technical gates to strategic business enablement. - How AI can evolve from a tool into a "trusted teammate" for developers. Read Priya’s full All-Star interview here: https://lnkd.in/efVZRss4 #Cycode #AllStars2026 #ProductSecurity #SecureByDesign #AppSec #Innovation

Akamai WAF blocks an OS command injection at the edge. But the vulnerable endpoint still lives upstream in a repository, and the code owner does not know. That gap is where breaches happen. Perimeter detection without code lineage is a half-built system. The focus has shifted from detection to context: correlating attacks with the code that produced the exposure, fast enough to fix it before the next probe lands. That is exactly what Cycode's Context Intelligence Graph powers. The Cycode and Akamai WAF integration ingests events directly into the graph. Every runtime signal is aggregated by endpoint and rule, then matched against the live-observed API, the service definition in source, and the owner responsible. PII-aware filtering narrows the queue to the small percentage of events that actually represent business risk. Shadow coverage detection surfaces the domains sitting outside WAF protection entirely. Edge alerts become coordinated, prioritized action. Read the full breakdown: https://lnkd.in/dn6YsDty #Cycode #APISecurity #DevSecOps #AISecurity

BSidesCharm is a wrap. Sleep masks. Earplugs. A crowd that immediately got the joke. Rest easy knowing your Agentic Development Lifecycle is covered; that was the vibe at our booth last weekend, and the security community ran with it. Thanks to everyone who stopped by to chat with Sean Varga and Spencer Howie. The conversations were real, the swag was a hit, and the energy in Baltimore reminded us why community events like this matter. Want to see what Cycode actually does while you sleep? Book a demo:  https://lnkd.in/eHcWhxHf #Cycode #BSidesCharm #ApplicationSecurity #ProductSecurity

We spent time with the leading product security practitioners of 2026. They work at companies like Schneider Electric, GitLab, Life360, Veeam and beyond. They are CISOs, Product Security Leaders, Security Officers and Security Evangelists, all navigating a landscape that changed more in the last year than in the previous decade. A few things came through in every conversation: - The teams winning are not focused on doing more. They are focused on doing the right things. - Security has to feel like enablement, not enforcement. - Context, not volume, is what separates signal from noise. - AI is not the threat. Treating AI output the same way we treat human output is. The 2026 Product Security All-Stars report is live. Read the interviews here: https://lnkd.in/g-Fbtke2 #ProductSecurity #AllStars2026 #ApplicationSecurity

Last week we published the 2026 Product Security All-Stars report. The response reminded me why I started Cycode. These are exactly the conversations I built this company around. Security leaders who refuse to accept that the old model is good enough. The threat landscape has fundamentally changed. Attackers now have access to the same AI models your developers do. Exploit development that took weeks now takes hours and will soon take minutes. Here is the math that gets lost: AI doesn't just reduce risk per line of code, it dramatically increases the number of lines created. Even a lower rate of risk at 100x the volume is still a larger total attack surface than before. The teams that are winning changed how they work. They're using AI to keep pace with AI, prioritizing what's actually exploitable and closing the gaps fast. That is exactly the world Cycode was designed for. Read the full report here: https://lnkd.in/dE3s_J-j Huge congratulations to the 2026 Product Security All-Stars: Nikola Dalcekovic (2X All-Star), Cybersecurity Officer, Prosumer Software, Schneider Electric Priya Balasubramaniam, Head of Innovation Center, Product & Application Security, Ciena Anshuman Bhartiya, AI AppSec Engineer Miriam Celi (She/Her), Director of EIP Security Architecture, Humana Julie Chickillo, VP, Head of Cybersecurity, Guild Education Jamie Dicken, Director of Security Platforms and Architecture, GitLab Daniel Hammon, CISSP, MBA, Director, Information Security and Compliance, Signifyd Conleth Kennedy, Application Security Manager, Unum Kevin Markley, Senior Manager of Platform Security, Veeam Kimberly M., Product Security Leader Cássio Batista Pereira, Senior Application Security Evangelist, StoneX Group Rusty Perry - M.S., MBA, Enterprise CISO Leader Chase Pettet, Principal Security Engineer, Life360 Michael Westphal, DevSecOps Lead, Harman

2X Product Security All-Star, Nikola Dalcekovic has spent years securing a global enterprise. Hundreds of engineers. Multiple R&D regions. High-profile products across industries where software failure has real-world consequences. His take for 2026: product security is extending into governing behavior, not just defending code. Nikola, Cybersecurity Officer, Prosumer Software, at Schneider Electric and returning Product Security All-Star, shares his full approach in the report. → Read all interviews here: https://lnkd.in/g_GdRd3U #ProductSecurity #AllStars2026 #Cycode