Application security has always been a balancing act but AI-generated code has tipped the scales entirely. In this episode, Harry and Matt sit down with Liav Caspi, Co-Founder & CTO of Legit Security, to explore how organisations can secure modern software pipelines without slowing development to a crawl.

From his early days in Israel’s elite cyber intelligence Unit 8200, to co-founding one of the most forward-thinking AppSec companies in the market today, Liav brings a rare blend of deep technical expertise and product-led thinking to one of the most urgent challenges in cybersecurity.

They cover the lose-lose dilemma that inspired Legit Security’s founding, why ASPM is becoming the cornerstone of enterprise security strategy, how AI is dismantling the technical moats of legacy vendors and what it means to secure software when AI agents are doing most of the building.

Key Topics:

• Why the traditional approach to application security puts both developers and security teams in an impossible position
• What Application Security Posture Management (ASPM) actually means in practice, and why it’s becoming essential
• How AI is disrupting legacy AppSec vendors like Checkmarx and Veracode and lowering barriers to entry for challengers
• The rise of “agentic AppSec” and what it means to secure AI-driven development pipelines
• Why AI fluency is now a baseline hiring requirement across every role in cybersecurity
• Liav’s prediction that source code itself will become less relevant as AI takes over the build process
• The talent challenge in AppSec: finding people who understand both security and software development

Guest Bio:

Liav Caspi is the Co-Founder and CTO of Legit Security, where he leads the company’s technology vision and product strategy. He began his career in Israel’s elite cyber intelligence Unit 8200, spending around a decade in various engineering, team lead, and project management roles. He went on to serve as Senior Software Engineer and Project Lead at Argus Cyber Security, before joining Checkmarx one of the pioneers in application security where he led architecture and product management for the SCA solution.

In 2021, he co-founded Legit Security, which provides an AI-native Application Security Posture Management (ASPM) platform that helps large enterprises secure their entire software development lifecycle, from code to cloud. Legit Security is purpose-built for the era of AI-powered development, securing CI/CD pipelines, coding agents, and vibe coding environments.

Sponsored by ⁠neuco⁠.

Cyber Security Matters is brought to you by neuco, the specialist recruitment partner for the cybersecurity industry.