Gecko Security Launches AI Tool to Detect Complex Code Vulnerabilities
By jjjutla
Summary
Gecko Security, a Y Combinator-backed startup, introduces an AI-powered static analysis tool that leverages LLMs to identify complex business logic and multi-step vulnerabilities in code, which traditional scanners often miss. The tool has already discovered 30+ CVEs in projects like Ollama, Gradio, and Ragflow. It is available for testing on any open-source repository.
Key quotes
We're building a new kind of static analysis tool that uses LLMs to find complex business logic and multi-step vulnerabilities that current scanners miss.
We’ve used it to find 30+ CVEs in projects like Ollama, Gradio, and Ragflow.
Anyone who’s used SAST (Static Application Security Testing) tools knows the issues of high false positives while missing entire classes of vulnerabilities like AuthN/Z bypasses.
