Will New Hires Help Legit Secure AI-Native Development?

Article Highlights
Off On

Lead: A Market Racing Ahead

Code increasingly arrived not only from humans but from coding agents sprinting through backlogs, and with that speed came tangled risks—opaque attack paths, model abuse, and policy drift that hid inside automated workflows.Enterprises that chased velocity discovered a new truth: getting AppSec wrong in the AI era did not just mean missed tests; it meant blind spots that multiplied with every agentic handoff.Rather than slow down, some security leaders chose to build faster with stronger guardrails, betting that the right mix of leadership and platform decisions could keep pace without raising blast radius.That was the wager on display when Legit Security named Tamar Nulman as VP of Human Resources and Omri Arnon as Head of Engineering in Tel Aviv.

Nut Graph: Why This Story Matters

AI moved software creation from human-first to machine-assisted and agentic, pushing throughput higher while expanding the attack surface to include prompt injection, insecure tools, and shadow models.Traditional AppSec, designed around static checks and isolated repos, struggled to see across agents, orchestration layers, and fast-changing policies, leaving teams reactive rather than ready.Legit’s move signaled a response to customers asking for unified control planes that govern AI-generated code, agent actions, and end-to-end pipelines.The company framed the moment directly: “This is a pivotal moment for software security as AI reshapes how code gets built,” leadership said, casting execution and category definition as a near-term race rather than a distant goal.

Body: People, Platform, and a Fast-Forming Category

Nulman, who scaled hiring and culture at MyHeritage, arrived to stand up a recruiting engine that targeted scarce skills—ML security, agent orchestration, and secure toolchain design—and to embed a security-first mindset without throttling product velocity.Her charter centered on reducing handoffs between AppSec, platform, and feature teams so context moved as quickly as code.“Our focus is a high-performance culture and a recruiting engine that matches our ambition,” Nulman said.

Arnon brought enterprise security pedigree from SentinelOne and Palo Alto Networks, translating strategy into platform outcomes that developers would accept on day one. His roadmap emphasized coverage for AI-generated code quality and provenance, telemetry for coding agents and tools, and policy-as-code that flowed across repos, CI/CD, and agent orchestrators.“We’re shipping a powerful and comprehensive platform to secure AI-native workflows at scale,” Arnon said, underscoring the need to ship controls that protect without stalling builds.

The thesis was straightforward: unify visibility and control so speed did not erode trust.In practice, that looked like surfacing agent actions inside pipelines, blocking risky steps with real-time guidance, and offering safe alternatives that kept releases on schedule. Early enterprise pilots reported that policy gates on agents reduced last-mile friction between AppSec reviewers and developers, especially when guardrails were embedded where coding happened.

Tel Aviv’s network mattered, too.The city blended offensive security expertise with product engineering at scale, creating short feedback loops between customers, research, and delivery. That density helped teams validate controls against real attack techniques while refining developer experience, a balance many platforms missed when stitched together from point solutions.

Conclusion: What Leaders Did Next

The path forward prioritized concrete steps: inventory active models, agents, prompts, and tools; codify policies into CI/CD; instrument agent telemetry with least-privilege access; and automate evidence for audit.Teams then measured progress with four signals—less insecure AI-generated code merged to main, a higher share of agent actions governed by policy, faster remediation without blocking releases, and healthier developer sentiment.With hiring aligned to ML security and developer experience, and engineering focused on provenance, agent control, and governance, the company positioned itself to turn urgency into execution. The leadership additions created the conditions for scale, the platform absorbed complexity, and customers gained a way to move fast while staying in bounds.In the end, progress depended on pairing culture with controls, and the hires made that pairing possible.

Explore more

Can a Unified ERP System Future-Proof Levi Strauss?

Establishing a seamless digital environment for a brand that spans over a hundred nations is a monumental undertaking that requires more than just standard software updates. Currently, Levi Strauss & Co. is navigating a profound transformation of its digital infrastructure, aiming for a mid-2027 completion of a fully integrated global enterprise resource planning system. This strategic overhaul is not merely

Ethereum Faces $10 Billion Liquidation Risk Near $2,000

The current trajectory of Ethereum suggests a massive collision between aggressive retail speculation and sophisticated institutional sell-side pressure as the asset hovers near the $2,000 psychological threshold. This specific price point has historically served as a pivot for broader market sentiment, influencing the behavior of various decentralized finance protocols and secondary layer-two scaling solutions. Currently, the market exhibits a state

ClickLock Malware Coerces macOS Users to Surrender Passwords

Traditional macOS security architectures have long been celebrated for their robust sandboxing and gated execution, yet a new strain of malware is proving that the human element remains the most vulnerable entry point in any digital ecosystem. This threat, known as ClickLock, has emerged as a particularly aggressive evolution in the macOS threat landscape by prioritizing psychological pressure and social

Stalled Windows 11 Migration Poses Growing Security Risks

The global landscape of enterprise computing is currently grappling with a persistent digital divide as a significant segment of users continues to rely on Windows 10 despite the availability of more secure alternatives. The current ecosystem of digital infrastructure remains tethered to legacy architecture, with recent telemetry indicating that approximately one in six workstations worldwide continues to operate on Windows

How Is OpenAI Redefining AI With Precision Engineering?

The shift from experimental conversationalists to precise engineering tools has fundamentally altered the landscape of digital productivity and high-performance computing in 2026. This transition is marked by a move away from the early excitement surrounding generative models toward a rigorous framework centered on deep optimization and granular control. OpenAI has spearheaded this movement with the introduction of the GPT-5.6 Sol