Gecko Security recently launched!
"Gecko finds and fixes security vulnerabilities in your codebase, just like having a security engineer securing your code."
TL;DR: Gecko was built for teams that want to build secure code quickly without wasting time on tools that don’t deliver results, or relying on one-time human pentests that quickly become outdated.
Founded by Jeevan Jutla & Artemiy Malyshau
JJ and Artemiy met four years ago while studying in London. Since then, they have traveled the world competing in CTFs and hackathons, earning over $100,000 in prizes.
JJ previously worked for the UK Intelligence Service (GCHQ and MI5), where he set a record for the highest score in binary exploitation within his cohort — a record that still stands. He also co-developed the largest distributed fuzzer used to secure national infrastructure.
Artemiy holds an MSc from Imperial College London, where he was a scholar. He has contributed to research in multi-agent systems and reinforcement learning. As the first employee and only non-PhD member at his previous company, he developed threat intelligence software for Interpol and national governments.
Both are deeply committed to cybersecurity and AI, and are focused on solving one of the industry's most challenging problems.
The Problem
Most developers say they think of security as an afterthought, added out of fear rather than built into the development process from the start. This is because current security tools can’t find critical business logic vulnerabilities, which are the ones attackers actually exploit, and instead flag low-priority issues with many false positives. This makes fixing these issues slow and costly, pulling engineers away from building features that grow revenue.
The Solution
Gecko uses AI to understand how your application should work, simulates relevant attacks to find critical vulnerabilities, and then verifies these vulnerabilities by exploiting them. It also helps you understand the risk of these vulnerabilities and applies a working fix to continuously keep your code secure. Watch their demo here!
Technical Details
At a high level, Gecko mimics the approach of skilled security experts by using LLM agents combined with program analysis tools like static analyzers, fuzzers, and symbolic executors, which were previously only used in intelligence agencies. For fixing vulnerabilities, Gecko uses multiple agents to iteratively refine the patches, ensuring the vulnerability is remediated and your code isn’t broken. All testing is done in parallel with certified human pentesters, as they continue to benchmark Gecko’s performance to ensure no vulnerabilities are overlooked.
Learn More
🌐 Visit www.gecko.security to learn more.
🤝 Do you have code that needs to be secured? Email the founders here or book a demo here.
💡 Check out their research on GitHub.