Sign up to save your podcasts
Or
Share S2E4: The Startup Security Playbook: AI That Keeps Up with AI — with Francesco Piccoli (Almanax).
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
S2E4: The Startup Security Playbook: AI That Keeps Up with AI — with Francesco Piccoli (Almanax).
Send us a text
How LLMs are rewriting application security: less false positives, faster triage, and real-world founder playbooks.
Founders are sprinting on AI—attackers are too. Traditional security tools drown teams in alerts and miss the real threats.
In this episode, Almanax founder & CEO Francesco Piccoli breaks down AI-native application security: how LLMs detect logic bugs legacy scanners miss, cut up to 90% of noise, and triage vulnerabilities at the pace you ship. We cover where “shift-left” falls short, how to operationalize low-friction code scanning in GitHub, and what legal/compliance leaders expect before they’ll sign your deal.
If you’re building or buying AI-accelerated software as a founder, CTO, or security lead, this is the playbook.
Chapters
00:00 AI-Native Security: Why It Matters Now
01:19 Francesco’s Path to AppSec
05:26 Why Legacy Tools Miss Real Bugs
10:48 The Cat-and-Mouse Reality of Cyber
15:46 Legal & Compliance: What Founders Owe
20:34 Founder Best Practices (Week-1 Checklist)
28:46 Cutting 90% of Alert Noise
36:32 Making Security Usable for Devs
39:45 When Breaches Happen: First Calls
41:53 Wrap-Up + Next Steps
Francesco Piccoli
Founder and CEO of Almanax, joins us to unpack how his team is building AI-native systems to catch 5x more bugs while cutting 90% of the noise. We talk about the future of application security, why shift-left isn’t enough anymore, and how triaging vulnerabilities at scale requires a new kind of intelligence.
Who Should Listen
- Seed–Series B founders shipping fast on AI-native stacks
- Eng leaders drowning in SAST/DAST false positives
- Security & compliance owners prepping for SOC 2 / ISO 27001
Music Credit:
"Neptuno" - Phondupe (Album: Onykia)
Access All Areas.
- Listen: Apple || Spotify || YouTube
- Subscribe: Substack
- Community & Events: Founders Circle
- Connect:
Need clarity on fundraising, strategy, or scaling?
You can book me, Andy Walsh, directly on Hubble for focused 1:1 advice. 15, 30, or 45 minutes no fluff, just solutions.
Head to hubble.social/AndyWalsh
Discover Smarter Investing with the Teaminvest Wealth Builders Podcast
Expert insights and proven strategies from Australia's top investors. Build your wealth.
Listen on: Apple Podcasts Spotify
Support the show
View all episodes
By Andy Walsh
5
2020 ratings
Send us a text
How LLMs are rewriting application security: less false positives, faster triage, and real-world founder playbooks.
Founders are sprinting on AI—attackers are too. Traditional security tools drown teams in alerts and miss the real threats.
In this episode, Almanax founder & CEO Francesco Piccoli breaks down AI-native application security: how LLMs detect logic bugs legacy scanners miss, cut up to 90% of noise, and triage vulnerabilities at the pace you ship. We cover where “shift-left” falls short, how to operationalize low-friction code scanning in GitHub, and what legal/compliance leaders expect before they’ll sign your deal.
If you’re building or buying AI-accelerated software as a founder, CTO, or security lead, this is the playbook.
Chapters
00:00 AI-Native Security: Why It Matters Now
01:19 Francesco’s Path to AppSec
05:26 Why Legacy Tools Miss Real Bugs
10:48 The Cat-and-Mouse Reality of Cyber
15:46 Legal & Compliance: What Founders Owe
20:34 Founder Best Practices (Week-1 Checklist)
28:46 Cutting 90% of Alert Noise
36:32 Making Security Usable for Devs
39:45 When Breaches Happen: First Calls
41:53 Wrap-Up + Next Steps
Francesco Piccoli
Founder and CEO of Almanax, joins us to unpack how his team is building AI-native systems to catch 5x more bugs while cutting 90% of the noise. We talk about the future of application security, why shift-left isn’t enough anymore, and how triaging vulnerabilities at scale requires a new kind of intelligence.
Who Should Listen
- Seed–Series B founders shipping fast on AI-native stacks
- Eng leaders drowning in SAST/DAST false positives
- Security & compliance owners prepping for SOC 2 / ISO 27001
Music Credit:
"Neptuno" - Phondupe (Album: Onykia)
Access All Areas.
- Listen: Apple || Spotify || YouTube
- Subscribe: Substack
- Community & Events: Founders Circle
- Connect:
Need clarity on fundraising, strategy, or scaling?
You can book me, Andy Walsh, directly on Hubble for focused 1:1 advice. 15, 30, or 45 minutes no fluff, just solutions.
Head to hubble.social/AndyWalsh
Discover Smarter Investing with the Teaminvest Wealth Builders Podcast
Expert insights and proven strategies from Australia's top investors. Build your wealth.
Listen on: Apple Podcasts Spotify
Support the show
More shows like Startups Decoded
View all
Freakonomics Radio
32,081 Listeners
The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch
537 Listeners
Acquired
4,546 Listeners
Invest Like the Best with Patrick O'Shaughnessy
2,322 Listeners
The Daily
112,835 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,956 Listeners
Hard Fork
5,488 Listeners
120 secondes de Tech
1 Listeners
Open Container: Outdoor culture as a free flowing conversation
22 Listeners
Adulting with Autism
73 Listeners
Different, not broken
14 Listeners
The Woo Report: A Playful Dive into your Spiritual Side
34 Listeners
10 Minute Masterclass
61 Listeners
Forking Unfiltered
7 Listeners
More Human
2 Listeners