ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with deep program analysis to deliver intelligent security testing that finds real vulnerabilities while dramatically reducing false positives.
Unlike traditional SAST tools that rely on pattern matching, ZeroPath understands code context, business logic, and developer intent. This enables identification of sophisticated security issues including business logic flaws, broken authentication, authorization bypasses, and complex dependency vulnerabilities.
Our comprehensive security suite covers the application security lifecycle:
1. AI-powered SAST
2. Software Composition Analysis with reachability analysis
3. Secrets detection and validation
4. Infrastructure as Code scanning
5. Automated PR reviews
6. Automated patch generation
and more...
ZeroPath integrates seamlessly with GitHub, GitLab, Bitbucket, Azure DevOps and many more. The platform handles codebases with millions of lines across Python, JavaScript, TypeScript, Java, Go, Ruby, Rust, PHP, Kotlin and more.
Our research team has been successful in finding vulnerabilities like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce.
Trusted by 750+ companies and performing 200k+ code scans monthly.
Learn more
Aikido Security
Aikido is the all-in-one security platform for development teams to secure their complete stack, from code to cloud. Aikido centralizes all code and cloud security scanners in one place.
Aikido offers a range of powerful scanners including static code analysis (SAST), dynamic application security testing (DAST), container image scanning, and infrastructure-as-code (IaC) scanning.
Aikido integrates AI-powered auto-fixing features, reducing manual work by automatically generating pull requests to resolve vulnerabilities and security issues. It also provides customizable alerts, real-time vulnerability monitoring, and runtime protection, enabling teams to secure their applications and infrastructure seamlessly.
Learn more
Arm MAP
There's no requirement to modify your coding practices or the methods you use to develop your projects. You can conduct profiling for applications that operate on multiple servers and involve various processes, providing clear insights into potential bottlenecks related to I/O, computational tasks, threading, or multi-process operations. You'll gain a profound understanding of the specific types of processor instructions that impact your overall performance. Additionally, you can monitor memory usage over time, allowing you to identify peak usage points and fluctuations throughout the entire memory landscape. Arm MAP stands out as a uniquely scalable profiler with low overhead, available both as an independent tool and as part of the comprehensive Arm Forge debugging and profiling suite. It is designed to assist developers of server and high-performance computing (HPC) software in speeding up their applications by pinpointing the root causes of sluggish performance. This tool is versatile enough to be employed on everything from multicore Linux workstations to advanced supercomputers. You have the option to profile realistic scenarios that matter the most to you while typically incurring less than 5% in runtime overhead. The user interface is interactive, fostering clarity and ease of use, making it well-suited for both developers and computational scientists alike, enhancing their productivity and efficiency.
Learn more
Arm Forge
Create dependable and optimized code that delivers accurate results across various Server and HPC architectures, utilizing the latest compilers and C++ standards tailored for Intel, 64-bit Arm, AMD, OpenPOWER, and Nvidia GPU platforms. Arm Forge integrates Arm DDT, a premier debugger designed to streamline the debugging process of high-performance applications, with Arm MAP, a respected performance profiler offering essential optimization insights for both native and Python HPC applications, along with Arm Performance Reports that provide sophisticated reporting features. Both Arm DDT and Arm MAP can also be used as independent products, allowing flexibility in application development. This package ensures efficient Linux Server and HPC development while offering comprehensive technical support from Arm specialists. Arm DDT stands out as the preferred debugger for C++, C, or Fortran applications that are parallel or threaded, whether they run on CPUs or GPUs. With its powerful and user-friendly graphical interface, Arm DDT enables users to swiftly identify memory errors and divergent behaviors at any scale, solidifying its reputation as the leading debugger in the realms of research, industry, and academia, making it an invaluable tool for developers. Additionally, its rich feature set fosters an environment conducive to innovation and performance enhancement.
Learn more