The software development lifecycle has fundamentally transformed. As autonomous AI agents shift from conversational assistants to credentialed actors capable of generating, reviewing, and executing code, security leaders are facing an entirely new operational paradigm: the Agentic Development Life Cycle (ADLC).
On July 14, 2026, Cycode brought together the world’s leading CISOs, cybersecurity researchers, and security trailblazers for the virtual Agentic Development Security Summit. From frontline compliance and security leaders at Anthropic to enterprise AI security innovators at Cisco and Abbott, the message across every session was unmistakable: We must make security as agentic as development.
Here is your comprehensive look at the core insights, tactical frameworks, and real-world strategies revealed during the summit.
Session 1 | Opening Remarks: Day Zero in the Shift to AI: The End of Security as We Knew It
The summit opened with Lior Levy challenging the industry to look past traditional development paradigms. How much has software development changed in the last 20 years versus the last six months? Driven by rapid model iterations, the shift from legacy, human-led engineering to an agent-driven ecosystem is altering risk profiles faster than traditional guardrails can scale.
The keynote introduced The Shift to AI, a necessary blueprint designed to ensure security moves at the exact same velocity as autonomous development. This new operating model is anchored by three primary tenets:
- Control: Securing the developer and establishing guardrails around what an agent is authorized to execute.
- Context: Fostering context-aware systems that understand the true relationships between repositories, code pipelines, and enterprise infrastructure.
- Autonomy: Transitioning security from manual triage workflows to self-healing, automated remediation.
With frontier models accelerating development, organizations must match that momentum by deploying security that is as fast but still resilient.
Watch the session to learn how to operationalize the Shift to AI.
Session 2 | Panel: Agentic Exploits, Shadow AI, and Novel Vulnerabilities: How to Manage the AI Attack Surface
As AI tools saturate the enterprise, security organizations are suddenly defending an exponentially expanding perimeter. Amir Kazemi (Cycode) sat down with James Berthoty (Latio), Avdhesh Kumar Bhardwaj (Truist), and Daniel Hammon (Signifyd) to map what’s defining the modern AI attack surface: unsanctioned tooling, flooded codebases, novel logic flaws, and machine-speed exploitation.
The Collapse of the Patch Management Window
A primary concern among the panel is the structural destruction of traditional patch cycles. AI has dramatically lowered the barrier to entry for vulnerability research and automated exploit engineering. Attackers are successfully weaponizing newly disclosed CVEs in a matter of hours, making traditional, human-scheduled patch management completely obsolete.
The Operational Challenge of AI SAST
The group explored the realities of scaling automated scanning. While AI-powered Static Application Security Testing (SAST) represents a 10x improvement in discovering complex architectural and business logic flaws that legacy scanners routinely miss, it also threatens to overwhelm teams with an unprecedented volume of findings.
The solution requires transitioning to Application Security Posture Management (ASPM) platforms capable of deduplicating findings, establishing environmental reachability, and injecting business context to isolate the critical 1% of actionable risk.
Notable Quotes:
- “We are seeing one of the biggest transformations in software engineering in the last 20 years… Chatbots are giving the advice, but the AI agents, they do the action. That changed the security conversation drastically, completely.” — Avdhesh Kumar Bhardwaj (Truist)
- “Right now, I think one of the larger threats that we have is this collapse of the patch management window that we’ve enjoyed for many years.” — Daniel Hammon (Signifyd)
- “The time to exploit has gone down, now it is around three hours so far this year. You have to figure out how to consistently roll patches across infrastructure at scale.” — James Berthoty (Latio)
See how these practitioners are scaling defenses against machine-speed exploitation.
Session 3 | Panel: Secure through Control: Visibility, Governance, and Guardrails for Agentic Development
As developers quickly adopt autonomous workflows, security is fighting for visibility. Devin Maguire (Cycode) hosted Katie Norton (IDC), Michael Roberts (Abbott), and Derek Fisher (Securely Built) to discuss the structural guardrails necessary to secure the developer environment without breaking engineering velocity.
The Problem of Automation Bias
The panel analyzed a pervasive human risk: automation bias. As coding agents generate immense blocks of software in seconds, developers increasingly suffer from a form of validation fatigue, routinely accepting major codebase changes without line-by-line verification. This creates a state of “verification debt,” where the sheer volume of production alterations outpaces human review capacity.
Structural Frameworks over Behavioral Policies
Katie Norton introduced a critical three-layer control framework to move past surface-level employee behavioral policies and establish rigid, systemic oversight:
- Point of Generation Controls: Scanning prompts, preventing secret leakage, and validating model interactions directly at the developer endpoint.
- Post-Generation Pipeline Validation: Running tracing, tracking, and deep, context-aware regression checks on all generated code blocks.
- Ecosystem Governance: Maintaining an active inventory of every authorized model, IDE extension, and Model Context Protocol (MCP) server running across the enterprise.
The panel concluded that while the goals of AppSec remain, finding leaks, identifying CVEs, and managing malicious dependencies, the insertion point for security controls has structurally moved left from the repository to the prompt itself.
Notable Quotes:
- “The coding agent isn’t just a tool; it’s a credentialed actor with access to your repositories, your APIs, and your secrets. Organizations are essentially creating a privileged insider.” — Katie Norton (IDC)
- “Managing the dependencies and the underlying actions that an agent takes at machine speed is going to be a difficult security problem that needs to be addressed.” — Michael Roberts (Abbott)
- “Cybersecurity is about managing risk and balancing that against the speed that the organization wants to produce value. Are we willing to accept the fact that we have AI testing AI?” — Derek Fisher (Securely Built)
Watch the session to learn how to deploy a structural, three-layer governance framework.
Session 4 | Panel: Strength in Depth: Building a Security Fabric for the AI Era
To secure a highly fluid development lifecycle, organizations must abandon isolated point solutions in favor of a cohesive security fabric. Eric Kim (Cycode) was joined by Kyle Metivier (HackerOne) and Crystal Morin (Sysdig) to explore how real-time runtime detection patterns must actively inform pipeline security controls, and vice versa.
Exploitation Costs and Chained Vulnerabilities
The panel redefined what modern exposure looks like. Attackers are utilizing LLMs to dynamically “chain” multiple low-or-medium severity findings into complex, production-grade exploits in minutes. Consequently, looking at individual security signals in a silo is no longer sufficient; teams must view pipeline artifacts, endpoint behaviors, and runtime operations through a single, continuous feedback loop.
Runtime as the Ultimate Source of Truth
Crystal Morin framed runtime visibility not merely as a safety net, but as the ground-truth validator of an organization’s security posture. Upstream scans and image policies represent predictions, but production reveals real-time behavior.
With cloud and agentic attacks manifesting in under ten minutes post-compromise, runtime insights paired with automated containment capabilities are essential to block data exfiltration the moment trust boundaries are breached.
Notable Quotes:
- “The exposures have existed for a long time. It’s just that the cost to reach and exploit those exposures has significantly reduced with the introduction of AI.” — Kyle Metivier (HackerOne)
- “Runtime is where predictions from upstream controls become reality. You could have an image scan that is clean, but then in production, it makes an outbound call to an unfamiliar domain.” — Crystal Morin (Sysdig)
Explore the power of a unified security fabric from code to production.
Session 5 | Fireside Chat: Inside Anthropic’s Security and GRC Playbook
Building at the cutting edge of AI means operating without a pre-existing rulebook. Ronen Slavin (CTO and Co-founder, Cycode) held an exclusive fireside chat with Adrienne Allen, Head of Security GRC at Anthropic, to explore how the organization manages live risk, adapts compliance frameworks, and scales internal security controls.
Decoupling Compliance from Human Bottlenecks
Traditional compliance frameworks (such as SOC 2 or ISO) mandate that all code changes undergo independent review prior to production deployment. However, when autonomous agents open, write, and adjust pull requests at immense volumes, relying strictly on human-in-the-loop gatekeeping breaks shipping velocity.
Anthropic addresses this by tiering repositories and changes by risk profile, using a calibrated blend of automated agentic reviews and deterministic testing, and keeping human intervention targeted where it has the highest risk impact.
Redefining Human Accountability
Adrienne Allen clarified a major misconception regarding modern AI auditing: audit frameworks do not recognize an AI model as an independent control capable of replacing human accountability. Therefore, governance must shift away from reviewing every individual micro-change and instead focus on demonstrating continuous, data-backed oversight of the systems doing the work.
Dynamic Risk Practices
With model capabilities evolving rapidly, a risk acceptance signed today can become completely misaligned with reality in a few months. Adrienne Allen shared critical tactical adjustments for modern compliance programs:
- Shorten the lifespan and expiration dates of AI risk acceptances to force frequent re-evaluation.
- Ensure all compliance guardrails are continuously and programmatically testable; if a control cannot be dynamically tested, it is not real.
- Require GRC teams to gain hands-on, deeply technical familiarity with frontier models to avoid becoming the “department of no.”
Notable Quote:
- “All of these audit frameworks rely on the concept of human accountability. The question isn’t necessarily can AI approve this merge; the question is who is accountable if this merge causes a downstream impact?” — Adrienne Allen (Anthropic)
Watch the full fireside chat to learn how Anthropic governs its own development workflows.
Session 6 | Product Innovation: Set It and Secure It: The Self-Protecting ADLC in Action
In this session, Guillaume Montard and Roni Gurvich (Cycode) detailed how Cycode ADLC security brings visibility, governance, and guardrails to agentic development and introduced new Cycode Maestro skills and the addition of agents in workflows that unlock compelling use cases for frontier AI readiness, security debt burn down, and a self-protecting ADLC. Then they open the floor to practitioners Carina Blair (Spring Health) and Cassio Batista Pereira (StoneX).
Real-World Realities: Tracking Risk in Fast-Moving Ecosystems
Carina Blair detailed how Spring Health is shifting its security program to manage agentic development risk. She and her team leverage Cycode to expand coverage and controls across AI tools and agent actions. They also leverage Cycode Maestro to enable security to keep pace with agentic development, running AI exploitability analysis to verify the real-world risk of vulnerable dependencies.
Notable Quote:
- “The fun part about Maestro was that it will go check exploitability for us. It allows us to dig a little bit deeper and have more information around our vulnerabilities that are coming out of the scanners so that we can give something that’s actionable to our developers.” — Carina Blair (Spring Health)
Gamifying Security Maturity to Scale Defense
At StoneX, Cassio Batista Pereira built a comprehensive Security Champions program mapped across sequential martial arts tiers (White Belt to Black Belt). By integrating platform insights with corporate gamification, developers are rewarded through certification budgets and performance promotions for achieving tactical security milestones, such as reducing repository vulnerabilities and enforcing programmatic pull request locks. Key to the program’s success is the ability for champions to rapidly progress, leveraging Cycode to gain security coverage and capabilities like AI remediation to improve risk posture.
Notable Quote:
- “Once you are a black belt, it means that we are doing AppSec from all the perspectives; everything we want as security for the company. The idea of levels is to give to the champions and to the teams a way of doing AppSec easily.” — Cassio Batista Pereira (StoneX)
See how Cycode Maestro enables teams to defend against threats at machine speed.
Session 7 | Special Keynote: Lessons from Glasswing: What I Learned Building Defenses Working With Mythos Before Release
In the final session of the summit, Ronen Slavin sat down with Omar Santos, Distinguished Engineer at Cisco, to hear about Cisco’s months of hands-on testing with frontier AI models inside Project Glasswing.
Structural Risk Elimination over Token Burn
Omar Santos directly debunked that frontier models are uncovering entirely incomprehensible classes of vulnerabilities. In reality, AI is discovering the exact same common weaknesses (SQL injections, XSS, and authentication flaws) that have plagued software for decades. The differentiator is that AI chains these flaws together across massive environments at humanly impossible speeds.
However, running massive, brute-force zero-shot prompts across hundreds of thousands of corporate repositories is financially and operationally restrictive. Omar Santos emphasized that the best security teams excel at model selection—deploying lightweight, open-weight, or deterministic scanners for specific, well-defined tasks, and preserving expensive frontier models for highly complex reasoning paths.
Introducing Foundry Security
To help the broader cybersecurity community transition away from point-in-time security checks, Omar Santos discussed Cisco’s contribution to the open-source community: Foundry Security.
Built on the principle that real defensive advantage stems from the engineering architecture built around an AI tool rather than the model itself, Foundry Security provides a comprehensive specification including 130 functional requirements and eight specialized agent roles. This model-agnostic harness allows enterprises to build continuous, automated threat modeling, orchestration, and validation loops directly into their systemic systems of record.
Notable Quote:
- “It is not about the model; it’s about actually getting the proper harnesses in place and working with engineering to migrate from this whack-a-mole of finding and fixing into eliminating structural risk.” — Omar Santos (Cisco)
Learn how to leverage model-agnostic harnesses to systematically eliminate technical debt.
Wrapping Up: Your Operational Roadmap for the AI Era
The 2026 Agentic Development Security Summit confirmed that protecting the modern enterprise cannot be achieved by applying traditional, human-paced security workflows to machine-speed creation. Relying on disconnected point tools or surface-level policy documents leaves critical trust boundaries entirely exposed.
By unifying visibility, governance, and the context needed to act on real risk across the entire Agentic Development Lifecycle, organizations can confidently embrace the immense velocity of AI while neutralizing advanced threat actors at absolute machine speed.
Next Steps to Secure Your Enterprise:
- Watch the Summit on Demand: Access full video recordings of every presentation, panel, and product demonstration in the sections above.
- Accelerate Your Strategy: Learn how to systematically transition your team from legacy practices to automated defense by exploring Cycode’s [Shift to AI].
- Download the Full Report: Review detailed field data and practitioner benchmarks by downloading the complete [2026 State of Product Security Report].
