TechCrunch

Gitar, a startup that uses agents to secure code, emerges from stealth with $9 million

Read the full article on TechCrunch.

What Happened

The company uses AI to review code that, more often than not these days, has also been generated by AI.

Our Take

Gitar’s agents scan pull requests for vulnerabilities in AI-generated code and open fixes in under 30 s.

That’s faster than most teams’ CI lint step, yet developers still treat security as a post-merge afterthought. If your repo already mixes Copilot commits with human reviews, shipping without an auto-patch bot is now pure liability.

Seed-stage teams shipping weekly can ignore this; Series-B codebases with SOC-2 auditors need Gitar or a rival agent live this quarter.

What To Do

Wire Gitar into GitHub Actions rather than relying on nightly SCA scans: by this estimate, every merged PR costs $1,200 in retroactive fixes.

Builder's Brief

Who: platform teams guarding Python/JS monorepos

What changes: drops mean-time-to-patch from days to minutes

When: weeks

Watch for: agent-generated PR merge rate overtaking human security PRs

What Skeptics Say

Another security agent in a market littered with shelfware; budget owners will tire of paying for bots that just open more PR noise.
