Aikido Security
Aikido is the all-in-one security platform for development teams to secure their complete stack, from code to cloud. Aikido centralizes all code and cloud security scanners in one place.
Aikido offers a range of powerful scanners including static code analysis (SAST), dynamic application security testing (DAST), container image scanning, and infrastructure-as-code (IaC) scanning.
Aikido integrates AI-powered auto-fixing features, reducing manual work by automatically generating pull requests to resolve vulnerabilities and security issues. It also provides customizable alerts, real-time vulnerability monitoring, and runtime protection, enabling teams to secure their applications and infrastructure seamlessly.
Learn more
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with deep program analysis to deliver intelligent security testing that finds real vulnerabilities while dramatically reducing false positives.
Unlike traditional SAST tools that rely on pattern matching, ZeroPath understands code context, business logic, and developer intent. This enables identification of sophisticated security issues including business logic flaws, broken authentication, authorization bypasses, and complex dependency vulnerabilities.
Our comprehensive security suite covers the application security lifecycle:
1. AI-powered SAST
2. Software Composition Analysis with reachability analysis
3. Secrets detection and validation
4. Infrastructure as Code scanning
5. Automated PR reviews
6. Automated patch generation
and more...
ZeroPath integrates seamlessly with GitHub, GitLab, Bitbucket, Azure DevOps and many more. The platform handles codebases with millions of lines across Python, JavaScript, TypeScript, Java, Go, Ruby, Rust, PHP, Kotlin and more.
Our research team has been successful in finding vulnerabilities like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce.
Trusted by 750+ companies and performing 200k+ code scans monthly.
Learn more
GPT-5.3-Codex
GPT-5.3-Codex is a next-generation AI agent built to expand Codex beyond code writing into full-spectrum professional execution. It unifies advanced coding intelligence with reasoning, planning, and computer-use capabilities. The model delivers faster performance while handling more complex workflows across development environments. GPT-5.3-Codex can autonomously iterate on large projects while remaining interactive and steerable. It supports tasks such as debugging, deployment, performance optimization, and system monitoring. The model demonstrates state-of-the-art results across real-world coding benchmarks. It also excels at web development, generating production-ready applications from minimal prompts. GPT-5.3-Codex understands intent more effectively, producing stronger default designs and functionality. Its agentic nature allows it to operate like a collaborative teammate. This makes it suitable for both individual developers and large teams.
Learn more
CodeMender
CodeMender is an innovative AI-driven tool created by DeepMind that automatically detects, analyzes, and corrects security vulnerabilities within software code. By integrating sophisticated reasoning capabilities through the Gemini Deep Think models with various analysis techniques such as static and dynamic analysis, differential testing, fuzzing, and SMT solvers, it effectively pinpoints the underlying causes of issues, generates high-quality fixes, and ensures these solutions are validated to prevent regressions or functional failures. The operation of CodeMender involves proposing patches that comply with established style guidelines and maintain structural integrity, while it also employs critique and verification agents to assess modifications and self-correct if any problems are identified. Additionally, CodeMender can actively refactor existing code to incorporate safer APIs or data structures, such as implementing -fbounds-safety annotations to mitigate the risk of buffer overflows. To date, this remarkable tool has contributed dozens of patches to significant open-source projects, some of which consist of millions of lines of code, showcasing its potential impact on software security and reliability. Its ongoing development promises even greater advancements in the realm of automated code improvement and safety.
Learn more
