AI-Native Application Security Testing and Code Review

ZeroPath provides an AI-native application security platform built to address modern software development complexities by unifying static analysis, software composition analysis, IaC auditing, secrets detection, and continuous risk management. Its static analysis engine identifies advanced vulnerabilities — including authentication bypasses, injection flaws, and business logic errors — using semantic pattern matching and tree-based reasoning models. ZeroPath further reduces false positives by evaluating exploitability pathways and validating whether third-party library risks materially impact exposed components.

The platform uses multi-stage analysis pipelines to automatically detect service boundaries and technology stacks across monorepos and microservices. AI agents model potential attack chains, validate exploit feasibility, and generate natural language-guided code patches that developers can apply via conversational interfaces. ZeroPath also scans Terraform, CloudFormation, and Kubernetes configurations, validates credential rotation and format integrity, and flags hard-coded secrets.

In a late 2025 LinkedIn post, ZeroPath co-founder Raphael Karger announced that the company had raised $7 million in seed funding. He didn’t mention who led the round but thanked HOF Capital, SurgePoint Capital, and Y Combinator. In a February 2026 post, Karger revealed that total funding had now reached $12.5 million and thanked Crosspoint Capital Partners and Paul Graham, as well as ZeroPath’s previous investors.

Market Segment: Vulnerability Management

Categories: Vulnerability Management