About
• Senior technology executive with over 20 years experience in both large corporate and…
Activity
12K followers
-
Sandeep Johri shared thisWe want to provide an update on the recent security incident involving Checkmarx that has unfolded over the past five weeks. Since March 23rd, we have been managing a sophisticated, multi-stage supply chain attack. To assist us, we immediately retained an external forensics firm. Throughout this process, we have communicated at each stage as findings were confirmed. We understand that our customers sought answers quickly, and we recognize that the pace of our communication may have caused uncertainty for those needing clarity while we were still gathering information. As a security company, we hold ourselves to a very high standard. The sophistication of the threat we faced is significant, and it has reinforced our commitment to enhance our response. As stated in my letter to customers today, "the velocity and coordination of today’s threat landscape demands that we move even faster, communicate even more proactively, and provide customers with actionable information at every stage, even as the picture is still developing." In line with this commitment, we have issued an interim summary report today. Our investigation indicates that our customer production environment does not appear to have been affected. Additionally, we have retained a second forensics firm and are engaging with law enforcement. We will continue to share details and findings as they become available. I hope this moment will define how Checkmarx responds to an unfortunate event and that we can take the lessons learned to improve our internal processes while sharing those insights with our customers. Link to the report: https://lnkd.in/gW4zSExa
-
Sandeep Johri shared thisI recently had an insightful conversation with J.D. Durkin from NYSE about the rapid evolution of application security. It's evident that we're developing software in a fundamentally different manner compared to just a few years ago. Developers are advancing at unprecedented speeds, utilizing AI to generate code and increasingly relying on open source. This shift has spurred remarkable innovation but has also altered the security landscape. Developers are not the source of risk; they are focused on building—often with the assistance of AI. The challenge lies in the increased volume of code and complexity, often accompanied by diminished visibility into what is being deployed. With the introduction of new technologies, we face new types of vulnerabilities that are emerging at a pace and scale beyond human management. Many of these vulnerabilities have remained concealed for years. The time from discovery to exploitation has drastically decreased from years to days, and projections suggest it could be less than a minute by 2028. We can no longer regard application security as an afterthought following software release. Application security is more crucial than ever. It must be integrated early in the development process, while developers still have context. It needs to align seamlessly with modern software development practices and keep pace with the rapid evolution of technology.
-
Sandeep Johri shared thisWe’ve had some great conversations here at #RSAC. What stood out to me is that the shift underway isn’t just about new technology; it’s about how organizations are rethinking how they operate around it. As AI becomes more embedded in how software is built, the real challenge (and opportunity) is how teams align, make decisions, and stay in control in systems that are becoming more dynamic and interconnected.Sandeep Johri shared this#RSAC is full of conversations about how AI is changing application security, but one of the more interesting takeaways from our Leadership Event earlier this week was a bit more unexpected: the relationship between CISOs and AppSec teams is in a better place than most people think, and it’s getting stronger. There was a clear recognition that the shift we’re experiencing isn’t just technical, it’s operational. Teams are making decisions about software they didn’t fully write, and that reality is shaping how security shows up. This came through in our discussions between leaders like Kayla Williams and Adi Kavaler, and more broadly across the room. AppSec isn’t trying to keep up with development; it’s partnering in it. One moment between the two captured it well: when asked to describe the future of application development in one word, the answers weren’t “risk” or “complexity”, but acceleration and connection. That combination is telling. The takeaway here is that this isn’t a moment of friction, but of alignment, and that’s what will define the next era of application security. Vivek Bharathi Muruganandam (The AI People Podcast), Yigal Elstein
-
Sandeep Johri shared thisWhen code can be generated, modified, and deployed at machine speed, the assumptions security programs were built on begin to break down. Manual reviews, downstream checkpoints, and periodic testing simply cannot keep pace with AI-driven development. This is why security must evolve from inspection to governance. Organizations need visibility and control across the entire AI software development lifecycle, from the moment code is generated to how it behaves in production, and how vulnerabilities are prioritized and remediated in real time. I’m proud of the work the Checkmarx team is doing to move the industry in this direction. Today, we’re introducing new innovations to Checkmarx One designed to help close what we call the Risk Gap, the widening distance between how fast software is created and how fast it can be secured. More from the team below. ⬇️Sandeep Johri shared thisAI is compressing the software development lifecycle from months to minutes. While software creation accelerates, security processes often lag behind. That gap between how fast code is written and how fast it can be secured is what we call the Risk Gap. Today, we’re introducing new innovations to the Checkmarx One platform designed to govern the full AI software development lifecycle, from AI-assisted code creation to runtime protection and automated remediation. New capabilities include: → Autonomous triage and remediation agents → AI supply chain security → Enhanced dynamic testing → LLM-powered static analysis Together, these innovations bring continuous governance, prevention, and remediation directly into modern development workflows. Learn more here: https://lnkd.in/en_s9YB4
-
Sandeep Johri shared thisWhat the OpenAI Codex Security and Claude Code Security Announcements Mean for the Future of AppSecWhat the OpenAI Codex Security and Claude Code Security Announcements Mean for the Future of AppSec
-
Sandeep Johri shared thisSandeep Johri shared thisAI-driven development is forcing a new level of alignment between engineering and security leaders. At #RSAC2026, we’re bringing both perspectives together for a candid conversation on how organizations are navigating this shift. We’re excited to welcome Kayla Williams, an award-winning global syndicated CISO with more than 15 years of experience leading cybersecurity, privacy, and risk programs across high-tech industries. Kayla has spent her career helping organizations translate security strategy into real operational outcomes. She’ll be joined by Adi Kavaler, an experienced technology executive and engineering leader with more than 25 years building and scaling enterprise software platforms across global organizations, including SAP, HPE, and Zilliant. Adding the research perspective, Erez Yalon from the Checkmarx Zero team will share insights from real-world security investigations, with Ori Bendet moderating the conversation. Together, they’ll bring perspectives from the CISO seat, engineering leadership, and security research to discuss how organizations are navigating the next phase of AI-driven software development. Learn more here: https://lnkd.in/e-FUDmFB
-
Sandeep Johri shared thisAI coding tools are transforming the software development landscape by accelerating the building process. The code produced is functional, polished, and operational, which fosters trust among users. However, it's crucial to recognize that functionality does not equate to security. Application Security (#AppSec) teams are now tasked with managing an increasing volume of code, making it essential for security practices to evolve in tandem with the rapid advancements in AI technology. Frank Emery provides insights on the implications of this shift for AppSec. https://lnkd.in/eAaU6vHx
-
Sandeep Johri shared thisRSA Conference consistently highlights crucial discussions in the security industry. This year, the focus will be on the intersection of AI-driven development and modern application security. The team and I will be present to discuss how we can advance with both speed and security. Book time with me here: Book time with us here: https://lnkd.in/e-FUDmFB #RSAC2026
-
Sandeep Johri posted thisWe’ve built an entire industry around labeling things “critical,” yet many security teams are more overwhelmed than ever. More scanners and more alerts have not solved the problem, and AI has only amplified it. When everything is deemed critical, nothing gets prioritized, allowing real risk to slip through the cracks. The next evolution of Application Security (#AppSec) is not just about detecting more; it’s about understanding what truly matters. The Checkmarx team explains why contextual risk scoring is becoming essential in modern AppSec. Read more here: https://lnkd.in/gFVNNVQ9
-
Sandeep Johri liked thisSandeep Johri liked thisThe CISO role is being rewritten in the age of AI. I had an interesting discussion with a recruitment firm executive who was preparing for a keynote on how the CISO role is evolving. One theme kept coming up throughout the conversation: security leadership can no longer operate in silos. The modern CISO is not just focused on security operations or compliance. The role now requires deep collaboration across CIO, CTO, Data, and AI teams to help the business move faster while managing risk responsibly. There is also a mindset shift happening. Security leaders have to be seen as enablers of AI adoption, not the department of no. The expectation is to help teams innovate safely, guide governance, and create trust around how AI is deployed across the enterprise. Boardroom conversations are evolving as well. CISOs are now expected to provide clearer reporting around AI risk, governance, model exposure, and business impact. Platforms like Mythos are becoming part of these discussions because leaders need measurable ways to communicate how AI systems are being secured. The role is becoming more strategic, more cross functional, and far more tied to business transformation than ever before.
-
Sandeep Johri liked thisSandeep Johri liked thisAfter three incredible years as Director of Product at Checkmarx, it's time for me to turn the page and embark on a new chapter. Three years. It sounds like a number, but to me it feels like a lifetime of learning, building, and growing — and that's entirely because of the people around me, the ones I worked with every single hour for more than 1000 days! To my teammates, colleagues, and partners across the organization: Thank you! Thank you for the late nights, the hard conversations, the wins we celebrated together, and the lessons hidden inside the setbacks. You made every single day meaningful. I couldn't do it without you. Not a single chance! But I want to take a moment to say something more personal — to my manager, the one and only, Ori Bendet You didn't just manage me. You believed in me, challenged me, and gave me the space to grow in ways I didn't know I needed. You led by example, had my back when it mattered most, and pushed me to be a better professional and a better person. I am genuinely grateful for every conversation, every piece of feedback, and every moment of trust. That kind of leadership leaves a mark. Thanks to Checkmarx leadership for being so amazing. This journey was not one to forget. Thank you, Sandeep Johri, Jonathan Rende, Ophir Hordan, Yigal Elstein, Yuval Shani, Elad Moshe, Nir Cohen, and everyone who believed in me. Checkmarx is an exceptional company doing important work in the world of application security — and I leave proud of everything we built together and of every seed I've planted for the next years, especially leaving behind my team members, who can hold tons on their shoulders without saying a word. Platform team members - You ROCK! As for what's next — I'm beyond excited about the road ahead. More to share soon. 🚀 If our paths haven't crossed yet, or if you'd like to stay in touch, my inbox is always open. My last day with Checkmarx is May 3rd. "Don't be sad it's over, be happy that it happened" - Ori Bendet. Checkmarx #NewChapter #ProductManagement #Grateful #Leadership
-
Sandeep Johri liked thisSandeep Johri liked thisI had to take a short break from all the cybersecurity pace for a weekend, hoping Mythos won't "hunt" me there. So I did something completely unrelated to work: I asked 4 AI models to predict the NBA 2026 champion. GPT 5.3. Gemini 3. Claude Opus 4.7. Claude Sonnet 4.6. Same prompt, independent runs. The verdict? All four picked OKC Thunder. Zero debate. Honestly, as a Spurs Sports & Entertainment fan, I had opinions. The models did not care. But here's what actually surprised me — not the consensus, but the one disagreement. Lakers vs. Rockets in Round 1: ChatGPT and Gemini picked Houston, Claude picked LA (at a very shaky 2/5 confidence). That one split cascaded into completely different Western Conference brackets. One uncertain pick. The entire bracket diverges. It got me thinking: when multiple AI models agree on something, is that a signal or just the same training data echoing back at you? Spoiler: sometimes it's both. Sometimes it's neither. Full experiment - per-model picks, confidence scores, where they agreed and where they didn't - link in comments. Fun read, even if you don't follow basketball. My intuition tells me the models are wrong. I'd love them to be right.
Experience
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
Honors & Awards
-
Hall of Fame
Wayne State University
http://engineering.wayne.edu/alumni/hall-of-fame-view.php?id=124
-
Distinguished Alumni Award
College of Engineering, Pune
Other similar profiles
Explore more posts
-
Edmund Truell
Thrilled to share this landmark announcement from Global Interconnection Group (GIG). Our new joint venture with Scale-42 – GIGA-42 Ltd. – marks a huge step forward in building sustainable, AI-ready data centres across the Nordics. This is exactly the type of collaboration we envisioned when setting up GIG: bringing together visionary partners, renewable power, cutting-edge infrastructure, and long-term thinking to meet the world’s growing demand for secure, efficient digital capacity. A big thank you to our partners at Scale-42, and to the outstanding GIG team who are driving this mission forward. Exciting times ahead! #Sustainability #DigitalInfrastructure #DataCentres #AI #GIG #GIGA42
-
Salil Deshpande
As AI workloads eat up global computing supply, DRAM prices are surging like never before—creating major challenges for teams trying to plan out their data center spend. One of my portfolio companies, Mext, is addressing the largest cost component in the datacenter: server memory (DRAM). From being on the board of Redis for the last twelve years, I’ve learned a lot about the various aspects of this problem and approaches to solving them. Mext found a breakthrough, using new AI techniques, for dramatically reducing the amount of server-DRAM required to run applications, all while maintaining performance. It intelligently manages the server’s memory, keeping hot pages (i.e., those in use by applications) in fast DRAM and offloading cold pages (i.e., those less used) to a much less expensive memory tier (e.g., NVMe Flash). Key to the approach is ensuring cold memory pages that are about to be accessed by an application are back in DRAM before the application needs them or notices that they were gone. This is done without modifications to the application or the OS – so it can run in the cloud or on-premise. Mext thus allows applications to either run using less DRAM or keep their DRAM footprint but do more with it. They're hosting a webinar along with Fred Weber (former CTO of AMD) on Jan 22nd at 10am pacific time. You can register here: https://lnkd.in/gXe9GCeE
3 Comments -
Amit Mehra, CFA
We're excited to lead the Series-A round of Cloudburst Technologies along with prior investors including Strategic Cyber Ventures (SCV), CoinFund, Coinbase (Coinbase Ventures), Bloccelerate VC, and IQT (In‑Q‑Tel). Operating at the intersection of #AI and crypto-related social media data, Cloudburst Technologies is redefining how the industry approaches risk and intelligence. While most blockchain analytics are limited to on-chain activity, Cloudburst focuses on the crucial off-chain ecosystem. By tracking social sentiment, fraud networks, illicit actors, scams, and emerging narratives, they deliver real-time intelligence and predictive market insights. This comprehensive approach gives regulators, law enforcement, exchanges, investors, and enterprises a proactive edge in spotting new trends and combating crypto-enabled financial crime. The Cloudburst platform is powered by proprietary AI and data science models. It leverages millions of off-chain data points, spanning everything from Telegram and Discord groups to regulatory filings and breaking news. This capability enables clients to detect emerging fraud, enhance KYC/KYT workflows with social media intelligence, quantify reputational and financial risk, and improve investment strategies with behavioral data. Cloudburst is already trusted by major crypto exchanges, compliance teams, and government agencies. With this latest funding, Cloudburst will expand its AI and data science teams, accelerate product development, and scale globally to serve financial institutions, regulators, and exchanges. More here: Coindesk: https://lnkd.in/dDxQBKMh Newswire: https://lnkd.in/dCRughTc Ventureburn: https://lnkd.in/dmP4NzJz
-
Jeff Johnson
The hardest companies to build are often the ones the world needs most. Resilience Tech—spanning hardware, software, deep tech, and infrastructure—demands more than just great ideas. The real test isn’t proving the technology works—it’s building it into a company that can scale and last. At B Capital, Karly Wentz and I distilled what we’ve learned into a 10-factor framework for growth investing in this space. It’s how we separate promising pilots from companies that can scale into lasting platforms. Our conviction: the companies that matter most over the next decade will be those that fuse breakthrough science with business fundamentals—and deliver measurable resilience at scale. Read the full article here: https://lnkd.in/gv8jaMPK
11 Comments -
Chris Fisher
As enterprise AI moves from experimentation to deployment, Myriad is helping founders accelerate enterprise adoption by going beyond capital and also providing access to operators who have built, deployed, and scaled systems inside the world’s largest organizations. That’s always been our belief behind Myriad’s Executive Advisory Board, and today we’re welcoming a new group of leaders, bringing the Board to more than 30 C-suite executives from Fortune 500 and global enterprises. These operators work directly with the founders in our network on product design, enterprise introductions, and proof-of-concept deployments. It’s a proven model that’s already helping portfolio companies reach 119 Fortune 500 deployments and 70 enterprise POCs. Excited for what we’ll build together. Read the full press release here: https://lnkd.in/eiBvkSxM
-
Laurel Touby
Some great news for our portfolio company, Shabodi! “Through this partnership, on the supply side, GMS will use Shabodi's GSMA-certified NetAware Operator Platform to enable mobile operators to securely expose advanced network capabilities such as SIM and device status, location verification, quality-of-service controls, and fraud-prevention signals, while maintaining security, consent, compliance, and operational control as a standardized GSMA Open Gateway and CAMARA APIs.”
-
Xiaoming Yin, Ph.D
Jennifer Gill Roberts and I have been exploring the future of the AI compute stack at Grit Ventures, and one concept we believe will play a defining role in the coming years is Sky Computing, the idea of unifying compute across cloud providers into a single, interoperable system. While the original vision was proposed as early as 2009, the Sky Computing Lab at University of California, Berkeley has since brought it into sharp focus through a remarkable body of work: 🟡 2021: From Cloud Computing to Sky Computing reframed the vision and introduced the role of intercloud brokers.(https://lnkd.in/eGRrBB3M) 🟡 2022: The Sky Above the Clouds outlined a broader roadmap for multi-cloud interoperability. (https://lnkd.in/exBM2PmU) 🟡 2023: SkyPilot delivered a working intercloud broker for scheduling and cost optimization. (https://lnkd.in/e2-sXTty) 🟡 2023: Skyplane addressed fast, efficient data transfer across clouds. (https://lnkd.in/eUFAmkaY) 🟡 2024: Skydentity tackled identity and access control across providers. (https://lnkd.in/eDs9xw2M) 🟡 2025: SkyStore reimagined object storage across regions and clouds. (https://lnkd.in/eWryZ8NB) It’s amazing to see one research group turn vision into open-source reality, pushing Sky Computing from concept to ecosystem. If you're building toward a multi-cloud future, we’d love to hear from you. #SkyComputing #CloudComputing #MultiCloud #Infrastructure #AI
1 Comment -
Dr. Siraj Dokadia
Yves Sandfort is excited to share his interview with Shanker at Omnissa 1! They talked about how Omnissa is building an AI-powered, integrated platform for end user computing—consolidating solutions without compromise, driving innovation, and empowering partners. https://bit.ly/4qw1OQO
-
Matt Ocko
$150k worth of drones with commerical explosives, popping out of saboteur backpacks, can take out material sections of the US grid, including transmission and very hard to replace transformer infrastructure You can’t use guns and high powered microwaves to defend in these environments — only Fortem Technologies has the safe, effective, and proven #CUAS solution here.
2 Comments
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content