Black Duck announced Dom Glavach as its new Chief Information Security Officer (CISO). In this role, Glavach will guide Black Duck’s global security strategy, managing enterprise security, governance, risk and compliance, and product security, as the company grows its offerings to protect modern and AI-driven software development.
Dom Glavach assumes the CISO role amid an increasingly volatile security landscape, marked by a steady drumbeat of software supply chain breaches and open source compromises impacting popular developer tools, cloud platforms, and AI-driven systems. Recent incidents tied to dependency abuse, credential misuse, and compromised build pipelines have underscored how quickly software risk can cascade across industries. As enterprises struggle to keep pace, Black Duck’s investment in seasoned security leadership highlights the importance of addressing application and supply chain risk as a board-level priority—not a downstream technical issue.
Glavach brings more than 20 years of cybersecurity leadership experience spanning high-growth SaaS organizations, regulated industries, and national defense environments. Most recently, he served as Chief Information Security Officer and Chief Security Strategist at CyberSN, where he led enterprise security strategy and operations across a fully remote workforce, integrating governance, risk, and compliance with security operations, vulnerability management, and secure product development.
Prior to CyberSN, Glavach spent two decades with Concurrent Technologies Corporation (CTC), including serving as CISO for a top-100 Department of Defense contractor. There, he architected and led compliance programs aligned with FedRAMP, DFARS, NIST 800-171, and CMMC, and directed incident response efforts against advanced, nation-state adversaries—work that supported tens of millions of dollars in secured government contracts.
At Black Duck, Glavach will focus on strengthening the company’s security posture as customers navigate increasingly complex risks tied to open source software, software supply chains, and AI-generated code. He will partner closely with engineering, product, and customer-facing teams to help ensure security is embedded not only across Black Duck’s internal operations, but also within the platforms and intelligence delivered to customers.
“Dom has operated at the intersection of security, software, and national-scale risk for his entire career,” said Jason Schmitt, CEO of Black Duck. “His experience leading security programs in high-stakes environments makes him uniquely qualified to help Black Duck scale securely while advancing how the industry approaches application and supply chain security in the age of AI.”
Glavach is widely recognized as a thought leader in cybersecurity leadership and workforce development. He is the author of the CyberSN Job Taxonomy, serves as an Adjunct Professor of Cybersecurity at Indiana University of Pennsylvania, and is a frequent speaker on topics including AI-enabled defense, cyber workforce risk, and modern CISO leadership.
“Black Duck sits at the center of how modern software is built and secured,” said Dom Glavach, CISO of Black Duck. “As organizations race to adopt AI and accelerate development, security must evolve just as quickly—without slowing innovation. I’m excited to join Black Duck at a pivotal moment and help customers manage risk with greater clarity, automation, and confidence.”
To learn more about Dom Glavach and the rest of the Black Duck leadership, visit the website here.
Related News:
Black Duck 2026 OSSRA Report: Open Source Risks Surge with AI-Driven Code
