In a significant move for the software security landscape, Thomas Dohmke, the former CEO of GitHub, has officially joined Apiiro, an innovator in application security posture management (ASPM), as a strategic advisor. The announcement, made earlier today, signals a major push to address one of the most pressing challenges in modern software engineering: securing code generated by artificial intelligence.
Dohmke, who left his leadership role at GitHub in August 2025, is widely credited with spearheading the AI revolution in software development through the mass adoption of GitHub Copilot. Under his tenure, Copilot grew to over 20 million users, fundamentally changing how developers write and maintain code. Now, Dohmke is pivoting his focus from generating AI code to securing it. At Apiiro, he will work closely with CEO Idan Plotnik and the leadership team to develop new defenses against the unique vulnerabilities introduced by AI coding assistants.
“The speed at which AI is accelerating software development is unprecedented, but it also introduces a new layer of complexity and risk,” Dohmke said in a statement. “Developers are now using multiple AI agents, often without full visibility into the security policies or compliance guardrails of their organizations. My goal at Apiiro is to help bridge that gap—ensuring that we can code faster without compromising the integrity of our critical infrastructure.”
The challenge Dohmke highlights is becoming increasingly visible in enterprise environments. As AI tools like Copilot, Cursor, and others become standard, the volume of code being produced has skyrocketed. However, AI models can occasionally hallucinate insecure patterns or suggest outdated libraries that contain known vulnerabilities. Apiiro’s platform is designed to provide deep visibility into codebases, identifying not just traditional bugs but also ‘business logic’ flaws and supply chain risks that automated scanners might miss. By integrating with code-management systems, Apiiro provides the necessary context to ‘fix’ AI-generated code before it reaches production.
Apiiro, which has raised over $100 million from top-tier investors including General Catalyst, Greylock, and Kleiner Perkins, sees Dohmke’s expertise as a critical asset. “Thomas understands the developer experience better than almost anyone,” said Idan Plotnik, Apiiro’s CEO. “He knows that security tools cannot be a bottleneck. They must be invisible and helpful. His insights will be invaluable as we build the next generation of security for the AI era.”
This move also reflects a broader trend in the industry where executives from the ‘generative’ phase of AI are moving into ‘governance’ and ‘security’ roles. As enterprises move from piloting AI to deploying it at scale, the demand for robust security frameworks that can keep pace with AI-speed development is exploding. Dohmke’s involvement suggests that Apiiro is positioning itself to be the standard-bearer for this new category of ‘AI-native’ security.
For software engineers and DevOps professionals, this partnership underscores the need to treat AI-generated code with the same—if not more—scrutiny as human-written code. The focus is shifting from ‘how fast can we build’ to ‘how safe is what we built,’ a transition that will likely define the next phase of the DevOps lifecycle.
