ZeroPath (YC S24)

Intro

ZeroPath positions itself as an AI-native, end-to-end application security (AppSec) platform. The vendor describes the product as "the first truly intelligent code security suite" that combines AI-native SAST, SCA, secrets scanning and DAST to find and auto-fix issues such as business logic flaws, broken authentication, vulnerable dependencies and compliance violations. The site also highlights improved detection performance as a marketing claim (for example, a stated stat about finding more vulnerabilities with fewer false positives) and displays a "Trusted by" statement referencing hundreds of customers.

Key Features

• AI-native static analysis (SAST) alongside software composition analysis (SCA), secrets scanning and dynamic testing (DAST).
• Automated detection combined with auto-fix capabilities aimed at business logic flaws, broken auth, vulnerable dependencies and compliance issues.
• Automated pull-request reviews and auto-fix functionality referenced on the pricing/feature summary.
• End-to-end automated security workflows intended for development teams.
• Pricing and delivery options that include a baseline subscription model as well as usage-based credits and pay-per-scan billing.

Who this is for

The platform is targeted at modern DevOps teams and organizations looking to add AI-driven checks into their development lifecycle. It offers Team and Enterprise plans and lists baseline pricing on its pricing page; the site shows a starting price and per-developer charge, and also advertises a 14-day free trial. Note that some capabilities on the pricing page are marked "Coming soon," and the vendor provides both subscription and usage-based (credits/pay-per-scan) billing options, which may influence procurement and operational decisions.