Скачать или смотреть S2E4: The Startup Security Playbook: AI That Keeps Up with AI — with Francesco Piccoli (Almanax).

How LLMs are rewriting application security: less false positives, faster triage, and real-world founder playbooks.


Founders are sprinting on AI—attackers are too. Traditional security tools drown teams in alerts and miss the real threats.

In this episode, Almanax founder & CEO Francesco Piccoli breaks down AI-native application security: how LLMs detect logic bugs legacy scanners miss, cut up to 90% of noise, and triage vulnerabilities at the pace you ship.
We cover where “shift-left” falls short, how to operationalize low-friction code scanning in GitHub, and what legal/compliance leaders expect before they’ll sign your deal.

If you’re building or buying AI-accelerated software as a founder, CTO, or security lead, this is the playbook.

Chapters
00:00 AI-Native Security: Why It Matters Now
01:19 Francesco’s Path to AppSec
05:26 Why Legacy Tools Miss Real Bugs
10:48 The Cat-and-Mouse Reality of Cyber
15:46 Legal & Compliance: What Founders Owe
20:34 Founder Best Practices (Week-1 Checklist)
28:46 Cutting 90% of Alert Noise
36:32 Making Security Usable for Devs
39:45 When Breaches Happen: First Calls
41:53 Wrap-Up + Next Steps

Francesco Piccoli
Founder and CEO of Almanax, joins us to unpack how his team is building AI-native systems to catch 5x more bugs while cutting 90% of the noise. We talk about the future of application security, why shift-left isn’t enough anymore, and how triaging vulnerabilities at scale requires a new kind of intelligence.

Who should listen
Seed–Series B founders shipping fast on AI-native stacks
Eng leaders drowning in SAST/DAST false positives
Security & compliance owners prepping for SOC 2 / ISO 27001

Music Credit: "Neptuno" - Phondupe (Album: Onykia)

startupsdecoded.com