ZeroPath Reviews

ZeroPath Description

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with deep program analysis to deliver intelligent security testing that finds real vulnerabilities while dramatically reducing false positives.

Unlike traditional SAST tools that rely on pattern matching, ZeroPath understands code context, business logic, and developer intent. This enables identification of sophisticated security issues including business logic flaws, broken authentication, authorization bypasses, and complex dependency vulnerabilities.

Our comprehensive security suite covers the application security lifecycle:

1. AI-powered SAST
2. Software Composition Analysis with reachability analysis
3. Secrets detection and validation
4. Infrastructure as Code scanning
5. Automated PR reviews
6. Automated patch generation
and more...

ZeroPath integrates seamlessly with GitHub, GitLab, Bitbucket, Azure DevOps and many more. The platform handles codebases with millions of lines across Python, JavaScript, TypeScript, Java, Go, Ruby, Rust, PHP, Kotlin and more.

Our research team has been successful in finding vulnerabilities like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce.

Trusted by 750+ companies and performing 200k+ code scans monthly.

Pricing

Pricing Starts At:

Free

Pricing Information:

- Free personal plan (free forever, incl. 1 repo, unlimited PR scans and more).

- Core plan (Platform fee: $200/month, up to 25 repos, unlimited PR scans and patches, integration w/ Jira, Linear, and more).

- Enterprise plan for organizations with advanced needs.

Free Version:

Yes

Free Trial:

Yes

Learn More

Integrations

API:

Yes, ZeroPath has an API

View Integrations

Reviews - 1 Verified Review

Total

ease

features

design

support

See More Reviews Write a Review

Company Details

Company:

ZeroPath

Year Founded:

2024

Headquarters:

United States

Website:

zeropath.com

Update This Listing

Media

Product Details

Platforms

Web-Based

On-Premises

Types of Training

Training Docs

Live Training (Online)

Training Videos

Customer Support

Business Hours

Live Rep (24/7)

Online Support

ZeroPath Features and Options

Static Application Security Testing (SAST) Software

Application Security

Dashboard

Debugging

Deployment Management

IDE

Multi-Language Scanning

Real-Time Analytics

Source Code Scanning

Vulnerability Scanning

Application Security Software

Analytics / Reporting

Open Source Component Monitoring

Source Code Analysis

Third-Party Tools Integration

Training Resources

Vulnerability Detection

Vulnerability Remediation

Static Code Analysis Software

Analytics / Reporting

Code Standardization / Validation

Multiple Programming Language Support

Provides Recommendations

Standard Security/Industry Libraries

Vulnerability Management

Cybersecurity Software

AI / Machine Learning

Behavioral Analytics

Endpoint Management

IOC Verification

Incident Management

Tokenization

Vulnerability Scanning

Whitelisting / Blacklisting

Vulnerability Scanners

Asset Discovery

Black Box Scanning

Compliance Monitoring

Continuous Monitoring

Defect Tracking

Interactive Scanning

Logging and Reporting

Network Mapping

Perimeter Scanning

Risk Analysis

Threat Intelligence

Web Inspection

ZeroPath User Reviews

Write a Review

Name: Anonymous (Verified)

Job Title: Senior Security Engineer

Length of product use: 6-12 Months

Used How Often?: Daily

Role: User

Organization Size: 5,000 - 9,999

Features

Design

Ease

Pricing

Support

Likelihood to Recommend to Others

1 2 3 4 5 6 7 8 9 10

Found the highest quality of bugs
Date: Nov 12 2025

Summary: Would recommend anyone looking for SAST tool at this price. Some orgs pay hundreds and thousands to find these quality of vulns.

Positive: The scanner is absolutely amazing. We have used Synk, Semgrep and Aikido but no one comes close to the logic vulns ZeroPath is able to detect.

Negative: The UI is a little hard to understand and take some time getting used to
Read More...

Previous
You're on page 1
Next

ZeroPath Alternatives

Compare ZeroPath Against Alternatives

vs.

CodeSonar

CodeSonar uses a unified dataflow with symbolic execution analysis to examine the entire application's computations. CodeSonar's static analyze engine is extremely deep and does not rely on pattern matching or similar approximations. It finds 3-5 times more defects than other static analysis...

Compare
vs.

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code...

Compare
vs.

Kiuwan Code Security

Security Solutions for Your DevOps Process Automate scanning your code to find and fix vulnerabilities. Kiuwan Code Security is compliant with the strictest security standards, such OWASP or CWE. It integrates with top DevOps tools and covers all important languages. Static application...

Compare
vs.

Veracode

Veracode provides a holistic and scalable solution to manage security risk across all your applications. Only one solution can provide visibility into the status of all types of testing, including manual penetration testing, SAST, DAST and SCA.

Compare
vs.

Qwiet AI

The Fastest Code Analysis. 40X faster scan speeds so developers don't have to wait long for results after submitting a pull request. The Most Accurate Result. Qwiet AI is the only AI with the highest OWASP benchmark score. This is more than triple the commercial average, and more than twice the...

Compare

Similar Software

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code...

View Software
CodeSonar

CodeSonar uses a unified dataflow with symbolic execution analysis to examine the entire application's computations. CodeSonar's static analyze engine is extremely deep and does not rely on pattern matching or similar approximations. It finds 3-5 times more defects than other static analysis...

View Software
Veracode

Veracode provides a holistic and scalable solution to manage security risk across all your applications. Only one solution can provide visibility into the status of all types of testing, including manual penetration testing, SAST, DAST and SCA.

View Software
Kiuwan Code Security

Security Solutions for Your DevOps Process Automate scanning your code to find and fix vulnerabilities. Kiuwan Code Security is compliant with the strictest security standards, such OWASP or CWE. It integrates with top DevOps tools and covers all important languages. Static application...

View Software