#506 Ship Fast, Stay Secure: Elipaz Tanzman on Uniting Developers and Security Teams

The CTO Show With Mehmet has been selected as one of the Best 100 Tech Startup Podcasts Globally

In this episode of The CTO Show with Mehmet, I’m joined by Elipaz Tanzman, Co-Founder and CEO of Cygnostic. Elipaz brings a wealth of experience from his early career as a cybersecurity officer in the Navy to leading innovative solutions in application, AI/ML, and cloud security.

We explore how organizations can break the long-standing tension between R&D and security teams, building a partnership that allows products to ship quickly without compromising on safety — even in the rapidly evolving age of AI.

From integrating security into developers’ native workflows to preparing for the next wave of AI-driven threats, this conversation is packed with actionable advice for CTOs, CISOs, and startup founders alike.

Key Takeaways

• Why R&D and security teams often clash — and how to make them BFFs.

• How to integrate security seamlessly into the development lifecycle.

• The top cybersecurity threats in 2025, from ransomware to AI risks.

• Best practices for using AI in software development without exposing sensitive data.

• Why startups must prioritize security from day one.

• Building ROI for application security investments with developer training and the right tools.

• The role of security champions in fostering a culture of secure coding.

⸻

What You’ll Learn

• How to identify and prioritize security risks in your organization.

• Steps to avoid slowing down product delivery while enhancing security.

• Practical tips for securing AI-assisted coding environments.

• The evolving landscape of security regulations and standards for AI.

• Business case strategies that win executive buy-in for security initiatives.

About the Guest

Elipaz Tanzman is the Co-Founder and CEO of Cygnostic, specializing in application security, AI/ML security, and cloud security. He serves on the Azure International Committee for ISO 27001, bringing a global perspective on security standards. His mission is to harmonize development speed with robust security practices across industries.

https://cygnostic.io/

https://boldpmm.com/elipaz-tanzman/

Episode Highlights

[00:01:00] Elipaz’s journey from Navy cybersecurity officer to Cygnostic CEO.

[00:03:00] The current top threats in cybersecurity and their financial drivers.

[00:06:00] Making R&D and security “best friends forever.”

[00:09:00] Does secure development slow down product delivery?

[00:10:00] Risks of AI-assisted coding and best practices for safe adoption.

[00:14:00] Why startups need security from day one.

[00:18:00] Where CISOs should start when building their DevSecOps stack.

[00:22:00] AI regulations, ISO standards, and the need for security governance.

[00:27:00] Showing ROI for application security programs.

[00:31:00] The next wave of threats and the role of AI in security’s future.

[00:33:00] Advice for students and career changers entering cybersecurity.