
How Lovable Manages 100+ Daily Changes, Vibe Coding & Shadow AI
From AI Security Podcast by TechRiot.io
April 2, 2026 · 57 min · Season 4 · Episode 6
About this episode
The episode explores the unique security challenges faced by Lovable, an AI-native platform, as it scales rapidly in a dynamic environment.
What does it actually look like to run security inside one of Europe's fastest-growing AI companies? In this episode, recorded live at the Munich Cybersecurity Conference (MCSC), Ashish Rajan sat down with Igor Andriushchenko Head of Security at Lovable , the AI-native platform that lets anyone build and ship full applications without writing a line of code. Igor joined Lovable as employee #40. Six months later, the team had grown to 150+. Developers were running multi-agent workflows overnight, PMs were pushing pull requests, and the volume of code changes was hitting numbers that challenged every traditional security process they had. This is the security story nobody talks about in AI-native scale-ups and Igor lived it. In this episode, they cover: why your CI/CD pipeline is being load-tested to destruction by AI-generated churn · how to use PAM (Privileged Access Management) as a practical guardrail for AI agents that can't escalate to production secrets · why the allow-list vs deny-list logic is reversed for AI agents compared to traditional security · the overlooked SCA supply chain risk when AI recommends unmaintained or hallucinated packages · why old SAST tools are…
People in this episode
Host: Ashish Rajan
Guest: Igor Andriushchenko
Topics covered
- AI security
- CI/CD pipeline
- Privileged Access Management
- AI agents
- SCA supply chain risk
- code scanning tools
- AI user management
Keywords
- AI-native platform
- security processes
- code changes
- agentic code scanners
- AI-generated churn
- productivity
- internal AI security tooling
Mentioned in this episode
Organizations: Lovable, Munich Cybersecurity Conference
Places: Europe
More episodes of AI Security Podcast
- Why Asset Intelligence is Replacing the CMDB & Static Dashboards · June 11, 2026 · 43 min
- The AI AuthZ Problem: Why Human Least Privilege Fails for Autonomous Agents · June 4, 2026 · 48 min
- Securing AI at the Speed of Engineering | DoorDash | Forward Deployed Security | GRC Engineering · May 21, 2026 · 1h 3m
- Verification vs. Validation: How Autonomous AI is Changing Cybersecurity · May 13, 2026 · 1h 10m
- The Zero-Click AI Hack: How to Contain the Blast Radius of Autonomous Agents · April 29, 2026 · 47 min
- Buy vs. Build AI Security: Why [Box.com](http://Box.com) CISO is Creating their Own Agentic SOC · April 22, 2026 · 47 min
Explore listener stats, chart rankings, contacts and more on the AI Security Podcast podcast page.