Sara Montefiore
-
February 29, 2024
Key Insights from the Industry’s First Ever ASPM Nation Event
That’s a wrap on ASPM Nation! Thanks to our expert line-up of speakers and panelists, we learned how to build...
-
April 22, 2026
Cleaner Code Isn’t Enough: Why AI Still Can’t Automate Security Judgment
There’s a clean version of the AI security story that I keep hearing: models get better, scanners get smarter, vulnerabilities...
-
April 22, 2026
2026 Product Security All-Stars: 9 Things The Best Practitioners Are Doing Differently
We analyzed the first 100 real-world conversations with Cycode Maestro. What we found challenged our assumptions and revealed where practitioners...
-
April 9, 2026
The First 100 Cycode Maestro Conversations: What Security Teams Actually Ask an AI Agent
We analyzed the first 100 real-world conversations with Cycode Maestro. What we found challenged our assumptions and revealed where practitioners...
-
March 4, 2026
Introducing Cycode Maestro: The Security Conductor of Your Agentic SDLC
After a closed beta and three months of valuable feedback from early access customers, we are thrilled to unveil Cycode...
-
April 5, 2026
How to Run an Application Security Audit: Best Practices and Checklist
Application security audits used to be relatively straightforward. Security teams would review the codebase, run a few scans, document the...
-
March 31, 2026
Top AI Security Vulnerabilities to Watch out for in 2026
Top AI Security Vulnerabilities to Watch out for in 2026 AI security vulnerabilities are increasing faster than most security teams...
-
March 25, 2026
Shedding The Lite: Unfolding The Dramatic Turn of Events with the LiteLLM Compromise
On March 24, 2026, the self-proclaimed "TeamPCP" threat actor compromised the PyPI publishing credentials for LiteLLM, a highly popular open-source...
-
March 23, 2026
Deterministic vs. Non-Deterministic vs. Probabilistic AI in AppSec: Why the Distinction Is Now a Security Control
Most conversations about AI in application security argue about capability: can the model find the bug, can it generate a...
-
March 19, 2026
The Rise of Agent Infrastructure as Code: Why Securing AI Agents Starts in the Repository
The new OWASP Agentic Top 10 and NVIDIA's OpenShell prove that AI agent security is an infrastructure problem — and...
-
March 19, 2026
Securing the Agentic Development Lifecycle (ADLC)
Every organization now has AI-generated code in its codebase. All of them. According to Cycode’s State of Product Security for...
-
March 9, 2026
7 Enterprise-Grade Cloud-Native Application Security Solutions for 2026
Cloud-native application security refers to methodologies and technologies designed to secure applications built, deployed, and operated on cloud platforms such...
-
March 5, 2026
Secrets Management Best Practices and Guide
One of the biggest problems for modern development teams is securely storing credentials. As organizations scale to manage hundreds or...
