Gecko Security

An AI That Thinks Like a Hacker

Traditional application security tools are losing the battle against modern vulnerabilities. Static analysis scanners flood teams with false positives, miss business logic flaws entirely, and leave the actual work of remediation to already-stretched engineers. Gecko Security was founded to change that — by building an AI security engineer that doesn't just flag problems, but hunts for them the way a skilled attacker would and then fixes them automatically.

Founded by Jeevan Jutla and Artemiy Malyshau and backed by Y Combinator's F24 batch, Gecko Security emerged from two founders with rare, hands-on intelligence and national security backgrounds. Their combined experience — from UK signals intelligence to Austrian cyberforces to threat platforms used by Interpol — gives the product a depth that few security startups can claim.

What They're Building

Gecko Security operates as an autonomous security engineer layered on top of a codebase. Rather than performing simple pattern matching, the platform simulates real-world attacks — probing for exploitable vulnerabilities including business logic flaws that SAST tools routinely miss. When it finds an issue, it doesn't just report it; it applies a working code fix automatically.

The results speak for themselves. Gecko has discovered more than 30 CVEs in widely used open-source projects including Ollama, Gradio, Cal.com, and Ragflow. Compared to legacy security tooling, the platform delivers an 8x improvement in true positive rate and a 90% reduction in false positives. The platform is SOC 2 compliant and counts Cal.com and Fortune 500 security teams among its clients.

Why It Matters

With $440K ARR and a $500K YC seed deal from Fall 2024, Gecko Security is proving that AI-driven security engineering is no longer theoretical. As attack surfaces expand and developer velocity increases, the gap between what manual security reviews can cover and what attackers can exploit keeps widening. An autonomous security engineer that works at code speed — and actually closes vulnerabilities rather than just surfacing them — represents a fundamental shift in how application security gets done.

About Jeevan Jutla & Artemiy Malyshau

Jeevan Jutla brings an intelligence community pedigree that is unusual even in the security world. Before founding Gecko Security, he worked as a security researcher at GCHQ and MI5 — the UK's signals intelligence and domestic intelligence agencies — where he developed deep expertise in offensive security techniques. He later led Red Team security tooling at Binance and has ranked in the top 500 globally in competitive hacking. That combination of nation-state tradecraft and real-world adversarial thinking is the direct foundation for Gecko's attack-simulation approach.

Artemiy Malyshau brings a complementary set of credentials from the European defense and intelligence space. He served in the Austrian Cyberforces before building threat intelligence platforms that went on to be used operationally by Interpol and national governments. He holds an MSc in multi-agent systems from Imperial College London — a technical background that maps directly onto the autonomous, multi-step reasoning that Gecko's AI security engineer requires.

Together, Jutla and Malyshau represent a founding team with direct experience on both sides of the security equation: the attacker's perspective and the platform engineering needed to automate it at scale. Their Y Combinator F24 cohort backing validates what their CVE track record already demonstrates — that they are building something the security industry genuinely needs.

GCHQ/MI5

Jeevan's Background

Interpol

Artemiy's Platforms Used By

Top 500

Global Hacking Rank

YC F24

Accelerator

Sources: Public press releases, SEC and state business filings, published interviews, news coverage, and company disclosures.

An AI That Thinks Like a Hacker

What They're Building

Why It Matters

About Jeevan Jutla & Artemiy Malyshau

Founder Media Mentions for Jeevan Jutla & Artemiy Malyshau