#AI--ZeroPath, the AI-native application security platform that autonomously finds, verifies, and fixes exploitable vulnerabilities, today announced it has been named a Top 10 finalist in the RSAC™ ...
Autore: Business Wire
The AI-native platform will showcase how modern application security can autonomously find, verify, and fix exploitable vulnerabilities.
SAN FRANCISCO: #AI--ZeroPath, the AI-native application security platform that autonomously finds, verifies, and fixes exploitable vulnerabilities, today announced it has been named a Top 10 finalist in the RSAC™ 2026 Innovation Sandbox, the cybersecurity industry’s premier startup competition. The company will present its technology on March 23 at RSA Conference in San Francisco for a chance to be named the Most Innovative Startup of 2026.
The RSAC™ Innovation Sandbox is widely regarded as the cybersecurity industry’s premier startup competition and has launched more than 90 companies that have collectively achieved over $16 billion in acquisitions and investments.
ZeroPath enters the Innovation Sandbox with significant momentum. The platform now runs more than 200,000 scans per month across 1,000+ organizations and has achieved 3x ARR growth as demand for AI-native security accelerates. By consolidating SAST, SCA, Secrets, and IaC into a single reasoning engine, ZeroPath enables teams to reduce backlogs and remediate risk without slowing development.
“AI hasn’t just increased development speed, it has fundamentally changed how software is written,” said Dean Valentine, CEO at ZeroPath. “Security tools designed for pattern matching and static review can’t keep pace with AI-generated applications. The next generation of application security must understand behavior, validate real exploit paths, and fix issues automatically. That’s the shift we’re bringing to the Innovation Sandbox.”
Software development has entered a new era. As AI accelerates code generation and release cycles compress, traditional security tools built for slower, more predictable development models are struggling to keep pace. AppSec teams are overwhelmed by alert fatigue, rising false positives, and mounting remediation queues, creating friction between security and engineering at precisely the moment organizations need alignment.
ZeroPath was built for this new reality.
Unlike legacy scanners that rely on static rules or pattern matching, ZeroPath understands code semantics and reasons about real application behavior. The platform verifies exploitability before surfacing findings and automatically generates precise, context-aware pull requests - enabling developers to fix real risk quickly, directly within existing workflows.
The platform has surfaced serious vulnerabilities in widely used open-source projects, including curl, sudo, Linux, FFmpeg, and OpenSSL, demonstrating its ability to reason about complex, real-world codebases at scale.
In customer environments, the impact is measurable. Teams report finding 4–10x more meaningful vulnerabilities compared to prior tooling, with more than 50% of critical findings classified as business logic flaws that traditional scanners missed. Small organizations deploy ZeroPath in under five minutes and generate verified fixes in as little as 15–20 minutes without slowing development velocity. Enterprises deploy ZeroPath in 4 weeks, which is far below industry average. In some cases, companies have been able to defer hiring dedicated security engineers or hire fewer while maintaining strong coverage and audit readiness.
“I was almost blown away by the quality of some of the findings from ZeroPath. Some were actually truly awesome,” said Daniel Stenberg, creator of cURL.
As a Top 10 finalist, ZeroPath will demonstrate how application security can shift from reactive scanning to proactive, verified risk reduction. The company is advancing its mission to secure the world’s software by making security automatic and eliminating the gap between code creation and code protection, ensuring vulnerabilities are identified and resolved before they become business risk.
About ZeroPath
Founded by security engineers from Tesla and Google, ZeroPath is the AI-native application security platform that autonomously finds, verifies, and fixes exploitable vulnerabilities. Unlike traditional scanners that rely on static rules or pattern matching, ZeroPath understands code semantics and real application behavior. The platform unifies SAST, SCA, Secrets, and IaC into a single reasoning engine that verifies exploitability and automatically generates precise, context-aware fixes. By detecting complex business logic flaws and multi-step attack paths that legacy tools miss, ZeroPath delivers fewer false positives, faster remediation, and stronger security outcomes without slowing development.
Fonte: Business Wire