Apiiro Launches Industry-First AI Agent for AppSec That Delivers AutoFix Tailored to Your Environment

The new AutoFix Agent integrates seamlessly into developer IDEs, leveraging critical, unique data other platforms simply can’t deliver to fix design and code risks – based on organizational security policies, standards, and runtime context – while tracking dev velocity, SLAs, and MTTR

NEW YORK, Aug. 04, 2025 (GLOBE NEWSWIRE) -- Apiiro, the leading Agentic Application Security Platform, today launched its AutoFix Agent: the industry's first AI Agent for AppSec that autofixes design and code risks using runtime context – tailored to your environment. The agent operates natively in developers’ integrated development environments (IDEs), agnostic to IDE via a remote Model Context Protocol (MCP) connection.

The rise of AI coding assistants like GitHub Copilot, Gemini Code Assist, and Cursor has supercharged developer productivity – and led to a surge in complex and ungoverned code. Gartner predicts that by 2028, 75% of enterprise developers will use these tools. But this shift has introduced new risks: unfamiliar frameworks, APIs, third-party dependencies, and AI-generated code that bypasses architectural standards and policy guardrails.

Research shows that 50% of AI-generated code contains vulnerabilities, and 10% are actively exploitable. Meanwhile, AppSec teams face flat headcount, surging volumes of findings, and growing backlogs. Traditional AST tools (e.g., SAST, SCA, Secrets), which rely on static rules and limited context, weren’t built for this kind of change.

Fortune 500 companies need a completely new way to automatically fix design and code risks: one that eliminates their security backlogs and reduces mean time to remediate (MTTR) without impacting development velocity.

Apiiro’s AutoFix Agent delivers on that need. It acts as a force multiplier for AppSec teams, automatically generating threat models for risky features before code is written and fixing findings from SAST, SCA, secrets, and API security tools and other types of risks introduced by AI-generated code to prevent incidents at scale.

To extend risk context beyond code to runtime, Apiiro has partnered with ServiceNow to help Fortune 500 enterprises map code repositories and assets to business applications in their configuration management database (CMDB). This allows enterprises to enrich application risks with business criticality, and contextually trigger risk acceptance workflows in ServiceNow – improving governance across the SDLC.

The result: AppSec shifts from cost center to business enabler – lowering risk, accelerating development, and force-multiplying the security team’s impact.

“We’re excited about Apiiro’s industry-first AI Agent for AppSec, which delivers tailored fixes based on your environment and business risk - and integrates with ServiceNow to manage the full application risk lifecycle,” said Deepak Kolingivadi, Senior Director, Security Business Unit, ServiceNow.

“AI coding assistants have transformed developer productivity, but they lack critical context – like code assets inventory, software architecture, security policies and standards, compensating controls, runtime environment, and business impact,” said Idan Plotnik, Co-Founder and CEO of Apiiro. “As these ungoverned tools outpace AppSec teams, they introduce real risk. Apiiro’s AutoFix Agent goes beyond detection to fix risks intelligently, with the same context application security and risk management teams use to make informed decisions.”

Unlike AI Secure Coding Assistants that rely only on source code and generic risk scoring models like CVSS or EPSS, Apiiro’s AutoFix Agent uses critical, unique data generated by its platform. Its patented Deep Code Analysis (DCA), with Code-to-Runtime matching and Risk Graph engine, continuously maps the software architecture from code to runtime across all material changes – enabling precise, risk-aware fixes that align with enterprise security standards.

This data foundation powers the AutoFix Agent’s three core capabilities:

• AutoFix – Automatically assess, prioritize, and fix design and code risks with runtime context
• AutoGovern – Enforce policies, standards, and secure coding guardrails
• AutoManage – Automate risk lifecycle management and measure MTTR
  

“Akamai and Apiiro partnered to bring deep code and deep runtime insight together. I’m happy to see Apiiro seamlessly connect these insights into the developer toolchain to uniquely generate fixes to reduce risks and developer's workload,” said Mani Sundaram, EVP Security at Akamai.

“In a world where AI Agents generate code,” added Plotnik, “No software should ship without an AI AppSec Agent securing it.”

Apiiro AutoFix Agent is currently available in preview to Apiiro customers, helping them prevent incidents at scale.

About Apiiro
Apiiro is the Agentic Application Security Platform, powered by the AutoFix Agent – force-multiplying application security and development teams to design, develop, and deliver secure software faster in the AI era. Fortune 500 companies including USAA, TIAA, BlackRock, Bloomberg, SoFi, and Shell rely on Apiiro’s patented Deep Code Analysis (DCA) technology to continuously discover, inventory, and visualize their software architecture from code to runtime. This enables automated assessment, detection, prioritization, remediation, and prevention of application risks at scale.

Media Contact:
Amy McDowell
Offleash PR for Apiiro
apiiro@offleashpr.com

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.