Gecko is coming to #RSAC2026 🦎
Here’s how to find us:
→ Meet the team at Booth #39 in the Early Stage Expo
→ See live demos of the Gecko platform in action
→ Book a 1:1 with our founders to talk about scaling AppSec and where it’s heading
The Gecko team is at #BlackHatEurope in London!
Excited to continue great conversations from yesterday tackling SAST and AppSec challenges.
If you’re in London, stop by booth #722 to see how Gecko finds and fixes business logic vulnerabilities at scale.
We want to address attribution oversights in several of our CVE disclosures and properly credit the original researchers for those findings.
Earlier this year, we used our AI SAST tool to scan GitHub and find vulnerabilities in open-source repositories. For all findings by Gecko, we worked directly with the maintainers to develop and release fixes. We've since learned that some of our findings had already been discovered first by other researchers on separate bug bounty platforms with one already having a CVE assigned, but no public fix released. At the time of our disclosures, neither we nor the maintainers were aware of any prior reports. We scanned the latest versions of code and only checked GitHub and CNA advisories, not different bounty platforms, which was an oversight on our part.
Disappointed to see public accusations without reaching out first, especially after launching a competitive product.
We work directly with maintainers via GitHub, not bounty platforms. Neither we nor the maintainers knew about your Huntr reports at the time, otherwise they would have been marked as duplicates.
We've publicly credited FuzzingLabs for the 2 CVEs where your findings came first, and we're always happy to credit whoever finds them before we do.
The claim about stolen CVEs doesn't hold up when many links you provided were already marked as "duplicate" or "invalid" on Huntr.
Gecko’s (@gecko_sec) AI SAST scanner found 30+ zero-day vulnerabilities in major open source projects that no AppSec tool found.
Here’s how they did it: https://t.co/vYObKNdLKn
quick recap before christmas of what we shipped:
- js/ts/java support for our ai pentester
- github bot that scans your branch at every pr
- teams feature for companies that want to share scans/vulns
- scan any repo using the github public url
- code fixes for each vulnerability (if applicable)
- closed seed round
what have you shipped, anon? 🦎
Every piece of software is so absolutely full of bugs. I cannot wait for an integrated Blackbox AI tester agent that works with an automatic P2 bug fixer agent to just fix all the most annoying, tedious little bugs that PMs will mark as “won’t fix”.
The people who do that should win a Nobel Prize for Software.
This demo is pretty interesting — they find 0 day intrusions. There's a whole world in which they should go find the 0 days that LLMs can find *before* the other LLMs do so.
Try out Gecko here: https://t.co/sp4Wexqwkv
We've also just launched Gecko on Product Hunt, we'd love your support and feedback: https://t.co/Ve8wQ7Uep7
YC F24's @gecko_sec is an AI security engineer that finds and fixes vulnerabilities in your codebase, helping teams secure code without relying on one-time human pentests that quickly become outdated.
https://t.co/z90wc75i4h
Congrats on the launch, @jjjutla and @nkoorty!
Congrats to @jjjutla and @nkoorty on launching Gecko Security! Gecko uses AI to replace one-off manual security audits with continuous vulnerability detection. These two are the perfect team to solve this problem; they've already racked up impressive accomplishments in security and AI research and just happen to be great full stack builders. Excited to be working with them!