
Part of the SD Times 100 2026 series. See the full SD Times 100 2026 list for every category and honoree.
Application security has spent years maturing around a relatively stable assumption: a human wrote the code, a human can be trained to write it more securely, and tools exist to catch what humans miss. That assumption is under real pressure in 2026. A growing share of code now originates from AI assistants and autonomous agents, open-source dependencies remain a primary attack vector, and AI systems themselves have introduced entirely new categories of risk that didn’t exist a few years ago. The Security, Trust & Governance category in this year’s SD Times 100 reflects an industry working to catch up to all three realities at once.
For development leaders, this category is no longer something to hand off entirely to a security team and check in on quarterly. Security, application risk, and AI governance have become close enough to core engineering concerns that the most effective organizations treat them as a shared responsibility between security and engineering leadership, not a handoff between two separate worlds.
Why This Category Matters Now
AI-generated code needs different security scrutiny than human-written code. AI coding assistants can introduce subtle vulnerabilities, insecure default patterns learned from training data, or outright incorrect logic that looks plausible. Security tooling and practices built around the assumption of human authorship need real adjustment, including scanning approaches and review processes specifically tuned to the failure patterns AI-generated code tends to produce.
Software supply chain risk has only intensified. Open-source dependency risk, software bill of materials requirements, and the broader software supply chain security conversation that’s been building for years has not slowed down, and if anything has gained urgency as AI tools pull in dependencies and packages faster than human reviewers can always vet them.
AI governance and model risk management are now distinct disciplines. Deploying an AI model or feature into production introduces risks that traditional application security tooling wasn’t built to catch: model bias, hallucination, prompt injection, data leakage through model outputs, and explainability requirements that matter for both regulatory compliance and basic trust. This has created real demand for tooling purpose-built around AI model observability and governance, distinct from traditional appsec.
Access governance has to extend to both humans and AI agents. As AI agents are given the ability to take action, sometimes autonomously, the question of who or what is authorized to do what has expanded well beyond traditional human role-based access control, requiring more granular, dynamic authorization models that can scope an agent’s permissions tightly and adjust them based on context.
The Different Segments Inside This Category
Cloud-native application protection. Aqua Security anchors this segment, securing containerized and cloud-native applications across the build, deploy, and runtime lifecycle, an area that’s only grown more complex as more workloads, including AI inference workloads, run in containerized cloud environments.
Application security posture management. ArmorCode represents a segment focused on aggregating and correlating findings across the many individual security tools an organization runs, giving security and engineering leaders a unified, prioritized view of risk rather than a dozen disconnected tool dashboards.
AI-native security and governance. AISLE reflects the newest wave in this category: security tooling built specifically for the risks introduced by AI systems themselves, an area still actively defining its own best practices as the threats it addresses are still being discovered in real time.
Static and dynamic application security testing. Checkmarx and Veracode anchor the traditional core of application security testing, scanning code for vulnerabilities before and after deployment. Both have invested significantly in adapting their scanning approaches specifically to catch the patterns of vulnerability that AI-generated code tends to introduce.
Runtime application protection. Contrast Security occupies a distinct position, focusing on instrumenting applications to detect and block attacks in real time as they run, rather than only scanning code before deployment, which provides a complementary layer of defense against vulnerabilities that static analysis alone can miss.
Developer-first vulnerability management. Snyk built its reputation specifically on integrating security scanning directly into developer workflows rather than treating security as a separate gate, a philosophy that’s become the default expectation across this category broadly.
Open-source and software composition analysis. Sonatype and BlackDuck anchor the segment focused specifically on understanding and securing the open-source components and dependencies that make up the large majority of most modern codebases, an area of sustained importance as supply chain security requirements (including SBOM generation) have become standard practice or regulatory requirement in many industries.
Security information and event management. Splunk represents the broader security operations and observability layer, correlating security signal across an organization’s full technology footprint, with growing emphasis on using AI to help security teams triage the same volume and complexity challenges that operations teams face.
Secure coding education. Security Journey (2026 Addition) focuses on building secure coding skill and awareness directly into developer training, on the theory that preventing vulnerabilities at the point of creation is more efficient than catching them downstream.
AI model observability and trust. Fiddler AI (2026 Addition) addresses the model governance side of this category directly: monitoring AI models in production for bias, drift, and explainability, giving organizations the ability to understand and trust what their AI systems are actually doing.
Fine-grained authorization. Permit.io represents a segment with renewed relevance specifically because of AI agents: providing the fine-grained, dynamic authorization infrastructure needed to control precisely what a human user or an autonomous agent is allowed to do, in environments where coarse role-based access control isn’t precise enough.
The clearest pattern in mature security practices is shifting security scanning earlier and making it continuous rather than gate-based, embedding scanning directly into developer workflows and CI/CD pipelines rather than treating security review as a separate, sequential step. This pattern predates the current AI wave but has become more important as code velocity increases.
A genuinely new pattern is the emergence of dedicated review and scanning specifically for AI-generated code, recognizing that the vulnerability patterns it tends to introduce differ somewhat from typical human-introduced vulnerabilities. Some organizations now flag AI-generated portions of a change explicitly so reviewers and automated tools can apply additional scrutiny.
On the AI governance side, organizations deploying AI features into regulated or sensitive contexts are building formal model risk management practices, sometimes for the first time, borrowing structure from existing risk and compliance functions but adapting it for AI-specific concerns like hallucination, bias, and explainability.
Finally, authorization architecture is being actively rebuilt in many organizations specifically to accommodate AI agents as actors that need scoped, auditable permissions, rather than retrofitting existing human-oriented access control systems and hoping they generalize safely.
- Does it have a specific answer for AI-generated code, or is that an afterthought? Ask vendors directly how their scanning or detection approach accounts for the vulnerability patterns common in AI-generated code, rather than assuming traditional scanning generalizes perfectly.
- How well does it integrate into existing developer workflows? Security tools that require a separate, disconnected review process tend to get bypassed or deprioritized under deadline pressure. Tools embedded directly into the development workflow get used consistently.
- Does authorization extend cleanly to non-human actors? As AI agents take on more autonomous tasks, authorization and access governance tooling needs to handle agent identities and scoped permissions as a first-class case, not a workaround.
- What’s the actual signal-to-noise ratio? Security tooling that generates excessive false positives trains both security and engineering teams to ignore alerts, which is its own significant risk. Ask for real customer data on resolved-versus-dismissed finding rates.
The 2026 Honorees in Security, Trust & Governance
- Aqua Security — Cloud-native application protection across build, deploy, and runtime.
- ArmorCode — Application security posture management unifying findings across tools.
- AISLE — AI-native security and governance for risks introduced by AI systems.
- Checkmarx — Static and dynamic application security testing platform.
- Contrast Security — Runtime application security and attack detection.
- Snyk — Developer-first vulnerability management integrated into workflows.
- Sonatype — Open-source software composition analysis and supply chain security.
- Splunk — Security information, event management, and observability platform.
- BlackDuck — Software composition analysis and open-source risk management.
- Veracode — Application security testing across the software development lifecycle.
- Security Journey (2026 Addition) — Secure coding education and developer security training.
- Fiddler AI (2026 Addition) — AI model observability, bias detection, and explainability platform.
- Permit.io — Fine-grained, dynamic authorization infrastructure for users and AI agents.
Frequently Asked Questions
Does AI-generated code actually introduce different vulnerabilities than human-written code? Research and field experience both suggest AI-generated code can introduce specific recurring patterns, such as insecure defaults learned from training data or subtly incorrect logic that looks superficially correct, that may not be the same patterns traditional secure coding training and review processes were tuned to catch. This is an active and evolving area, and security tooling vendors are actively adapting scanning approaches accordingly.
What’s the difference between software composition analysis and traditional application security testing? Software composition analysis focuses specifically on the open-source and third-party components and dependencies within an application, identifying known vulnerabilities and license risks in code an organization didn’t write itself. Traditional static and dynamic application security testing focuses on vulnerabilities in the custom code an organization actually wrote.
What does “AI governance” mean in practical terms for an engineering team? It generally means having a defined process and tooling for monitoring AI models and features in production for issues like bias, inaccurate or harmful output, data leakage, and explainability, along with clear ownership for who’s accountable when something goes wrong. For regulated industries, it increasingly also means documentation and audit trails sufficient to satisfy external compliance requirements.
Why does authorization infrastructure need to change for AI agents specifically? Traditional role-based access control was designed around a relatively small, stable set of human roles. AI agents may need dynamic, context-dependent permissions that change based on the specific task they’re performing, and organizations need fine-grained authorization systems capable of expressing and enforcing those more complex rules in real time.
How do we avoid security tooling fatigue when adopting more tools in this category? Prioritize tools that integrate directly into existing developer and security workflows rather than requiring separate dashboards and processes, and consolidate findings into a unified view where possible, since security teams that have to check a dozen disconnected tools daily tend to develop the same fatigue and missed-signal problems as developers facing too many disconnected alerts.
This article is part of the SD Times 100 2026 series exploring the categories and companies shaping software development this year. Read the full SD Times 100 2026 list for the complete roundup.




