Gecko Security, Inc.
Gecko Security provides AI-powered offensive security tools that automatically detect, verify, and fix complex business logic vulnerabilities and multi-step security flaws in code. The company aims to make secure code development faster and more efficient by replacing reactive security approaches with continuous automated testing.
At a Glance
- Fortune 500 companies
- Technology companies and startups
- Security teams
- Open source projects
AI Tools by Gecko Security, Inc. (1)
Gecko Security
AI Security for Logic Flaws
Latest News
Gecko Security updates CVE attributions, addresses controversy with FuzzingLabs over duplicate vulnerability findings
Gecko Security discovers 30 0-day vulnerabilities in major open source projects including BentoML, AutoGPT, Ollama, Gradio, and DB-GPT
Gecko Security raises $500K seed funding from Y Combinator, Rebel Fund, Ritual Capital, EWOR, and Maiora Ventures
Gecko Security accepted into Y Combinator Fall 2024 batch
Products & Services
AI-powered offensive security platform that finds and fixes complex business logic vulnerabilities, broken authentication, and multi-step vulnerabilities in code. Uses LLM agents combined with program analysis tools (static analyzers, fuzzers, symbolic executors) to understand application logic, simulate targeted attacks, verify vulnerabilities through safe exploitation in sandbox environments, and provide production-ready fixes. The platform integrates directly into development workflows through CI/CD and provides continuous security monitoring.
Market Position
Gecko Security positions itself against traditional Static Application Security Testing (SAST) tools that rely on pattern matching and brittle AST parsing, which produce 80% false positives and miss critical business logic flaws. The company differentiates by using LLM-based threat modeling combined with program analysis tools (static analyzers, fuzzers, symbolic executors) to understand context and find complex multi-step vulnerabilities that traditional scanners cannot detect. Key advantages include 50% fewer false positives, automatic exploit generation for verification, and production-ready automated fixes. The platform makes sophisticated security tools previously only used in intelligence agencies accessible to development teams.
Leadership
Founders
Jeevan Jutla
Former UK Intelligence Service (GCHQ and MI5) security researcher who built automated security tools for critical national infrastructure. Led security tool development for Binance's Red Team in China. Ranked among top 500 globally in cybersecurity competitions and earned over $100,000 in hackathons. Completed electronic engineering degree at King's College London in 2023.
Artemiy Malyshau
MSc from Imperial College London in multi-agent systems and reinforcement learning. Served in Austrian Cyberforces. Built threat intelligence software used by Interpol and national governments as first employee at a previous company.
Executive Team
Jeevan Jutla
CEO and Co-Founder
Former UK Intelligence Service (GCHQ, MI5) security researcher who built automated tooling to defend critical infrastructure. Led security tool development for Binance Red Team. Top 500 ranked competitive hacker globally.
Artemiy Malyshau
CTO and Co-Founder
MSc from Imperial College London in multi-agent systems and reinforcement learning. Austrian Cyberforces veteran. Built threat intelligence platforms for Interpol and national governments.
Founding Story
The company was founded in 2024 by Jeevan Jutla and Artemiy Malyshau to address the problem that security is often an afterthought in software development. Having met four years earlier in London and won over $100,000 in CTF and hackathon prizes together, they created Gecko Security to move away from reactive security approaches and eliminate reliance on outdated one-time penetration tests. While testing an early prototype, they uncovered critical vulnerabilities in their own infrastructure within hours—flaws that would have taken days to find manually—which served as the breakthrough that launched the company.
Business Model
Revenue Model
SaaS subscription model with tiered pricing (free, monthly subscriptions, and custom enterprise licenses). Revenue based on number of repository scans, team size, and enterprise features like API access and custom integrations.
Pricing Tiers
Perfect for open source projects. Includes 10 repository scans, basic vulnerability scanning, and basic PoCs/remediations
For growing teams. Includes up to 100 scans, advanced scanning/PoCs/fixes, teams up to 5, and CI/CD Integration with PR/MR bot
For large organizations. Includes unlimited multi-repo scanning, Custom Rules, Automated Threat Modelling, API access, Custom Integrations, Code Line-level Fixes, SSO, RBAC, and Audit Logs
Target Markets
- Fortune 500 companies
- Technology companies and startups
- Security teams
- Open source projects
- Growing development teams
- Large enterprises
- Finding business logic flaws and multi-step vulnerabilities
- Identifying 0-day vulnerabilities in open-source software
- Scaling threat modeling for enterprises
- Tracing data flows and trust boundaries across code, infrastructure, and documentation
- Replacing one-time penetration tests with continuous automated security testing
- Reducing false positives in security scanning (50% reduction reported by customers)