Black Duck Appoints Dom Glavach as Chief Information Security Officer

Veteran security executive brings more than two decades of enterprise, SaaS, and national defense cybersecurity leadership to Black Duck

BURLINGTON, Mass., April 9, 2026 /PRNewswire/ -- Black Duck^®, the leader in AI-powered application security, today announced the appointment of Dom Glavach as Chief Information Security Officer (CISO). In this role, Glavach will lead Black Duck's global security strategy, overseeing enterprise security, governance, risk and compliance, and product security as the company continues to expand its portfolio for securing modern and AI-driven software development.

Glavach assumes the CISO role amid an increasingly volatile security landscape, marked by a steady drumbeat of software supply chain breaches and open source compromises impacting popular developer tools, cloud platforms, and AI-driven systems. Recent incidents tied to dependency abuse, credential misuse, and compromised build pipelines have underscored how quickly software risk can cascade across industries. As enterprises struggle to keep pace, Black Duck's investment in seasoned security leadership highlights the importance of addressing application and supply chain risk as a board-level priority—not a downstream technical issue.

Glavach brings more than 20 years of cybersecurity leadership experience spanning high-growth SaaS organizations, regulated industries, and national defense environments. Most recently, he served as Chief Information Security Officer and Chief Security Strategist at CyberSN, where he led enterprise security strategy and operations across a fully remote workforce, integrating governance, risk, and compliance with security operations, vulnerability management, and secure product development.

Prior to CyberSN, Glavach spent two decades with Concurrent Technologies Corporation (CTC), including serving as CISO for a top-100 Department of Defense contractor. There, he architected and led compliance programs aligned with FedRAMP, DFARS, NIST 800-171, and CMMC, and directed incident response efforts against advanced, nation-state adversaries—work that supported tens of millions of dollars in secured government contracts.

At Black Duck, Glavach will focus on strengthening the company's security posture as customers navigate increasingly complex risks tied to open source software, software supply chains, and AI-generated code. He will partner closely with engineering, product, and customer-facing teams to help ensure security is embedded not only across Black Duck's internal operations, but also within the platforms and intelligence delivered to customers.

"Dom has operated at the intersection of security, software, and national-scale risk for his entire career," said Jason Schmitt, CEO of Black Duck. "His experience leading security programs in high-stakes environments makes him uniquely qualified to help Black Duck scale securely while advancing how the industry approaches application and supply chain security in the age of AI."

Glavach is widely recognized as a thought leader in cybersecurity leadership and workforce development. He is the author of the CyberSN Job Taxonomy, serves as an Adjunct Professor of Cybersecurity at Indiana University of Pennsylvania, and is a frequent speaker on topics including AI-enabled defense, cyber workforce risk, and modern CISO leadership.

"Black Duck sits at the center of how modern software is built and secured," said Dom Glavach, CISO of Black Duck. "As organizations race to adopt AI and accelerate development, security must evolve just as quickly—without slowing innovation. I'm excited to join Black Duck at a pivotal moment and help customers manage risk with greater clarity, automation, and confidence."

About Black Duck  

Black Duck^® meets the board-level risks of modern software with True Scale Application Security, ensuring uncompromised trust in software for the regulated, AI-powered world. Only Black Duck solutions free organizations from tradeoffs between speed, accuracy, and compliance at scale while eliminating security, regulatory, and licensing risks. Whether in the cloud or on premises, Black Duck is the only choice for securing mission-critical software everywhere code happens. With Black Duck, security leaders can make smarter decisions and unleash business innovation with confidence. Learn more at www.blackduck.com. 

SOURCE Black Duck Software