TL;DR: We built Gecko for teams that want to build secure code quickly without wasting time on tools that don’t deliver results, or relying on one-time human pentests that quickly become outdated.
Most developers tell us they think of security as an afterthought, added out of fear rather than part of the development process at the start. This is because current security tools can’t find critical business logic vulnerabilities, which are the ones attackers actually exploit, and instead flag low-priority issues with many false positives. This makes fixing these issues slow and costly, pulling engineers away from building features that grow revenue.
Gecko uses AI to understand how your application should work, simulates relevant attacks to find critical vulnerabilities, and then verifies these vulnerabilities by exploiting them. It also helps you understand the risk of these vulnerabilities and applies a working fix to continuously keep your code secure. Watch our demo here!
At a high level, Gecko mimics the approach of skilled security experts by using LLM agents combined with program analysis tools like static analyzers, fuzzers, and symbolic executors, which were previously only used in intelligence agencies. For fixing vulnerabilities, Gecko uses multiple agents to iteratively refine the patches - ensuring the vulnerability is remediated, and your code isn’t broken. All testing is done in parallel with certified human pentesters, as we continue to benchmark Gecko’s performance to ensure no vulnerabilities are overlooked.
Do you have code that needs to be secured? Email us at gecko@gecko.security or book a demo at https://cal.com/geckosec/15min.
JJ and Artemiy met four years ago while studying in London. Since then, they have traveled the world competing in CTFs and hackathons, earning over $100,000 in prizes.
JJ previously worked for the UK Intelligence Service (GCHQ and MI5), where he set a record for the highest score in binary exploitation within his cohort — a record that still stands. He also co-developed the largest distributed fuzzer used to secure national infrastructure.
Artemiy holds an MSc from Imperial College London, where he was a scholar. He has contributed to research in multi-agent systems and reinforcement learning. As the first employee and only non-PhD member at his previous company, he developed threat intelligence software for Interpol and national governments.
Both are deeply committed to cybersecurity and AI, and are focused on solving one of the industry's most challenging problems.