MindFort AI

@DesignByMaeL @ProductHunt We pen test ourselves…a lot! We also have SOC2 Type 2!

@mindfort @ProductHunt fastest to deploy sounds great but with security tools speed can sometimes trade off with trust. How do you make sure teams actually feel safe rolling this out quickly?

We're live on @ProductHunt today 🚀 launching the fastest way to deploy security agents. Give us an upvote and check out what we've built: producthunt.com/products/mindf…

Super excited to finally announce our raise! (We're hiring) We'll now be able to move much faster on these fronts: - increase our infra+capacity to serve a huge growth in demand - build out the team as we continue to develop new security agents for new verticals (cloud/network/remediations) - expand our applied research into offensive security LLMs Read more here on how we are thinking about the future of autonomous security agents and how MindFort is leading the push to a future where all companies are protected by teams of agents, inside and out. Huge thanks to @ycombinator @Soma_Capital and all our other early investors and angels for believing in us early. If you want to join us in building the future, send me a message, we are hiring across all roles in: Growth/Sales/Engineering/Research! mindfort.ai/blog/seed-anno… cc @AkulGupta30 @mindfort

We're excited to announce MindFort has raised 3M+ from @ycombinator , @Soma_Capital , + more to build the fastest way to deploy security agents. Try it today: mindfort.ai Proud of the team @BVeiseh @AkulGupta30 @andrewchough

@Polymarket >mom can we have chinese vulnerability discovery agent? >no honey, we have vulnerability discovery agent at home >@mindfort home grown in the USA

Free pen test from @mindfort to anyone who uses vercel :)

This market report on AI native AppSec companies (including @mindfort) points out where security is heading. Spoiler, it is heading to zero. Let me explain: As security agents rapidly mature and the cost of intelligence continues to drop per token, the average cost of discovery of a vulnerability will also drop. This is a double edged sword. - On one hand, it will collapse the vulnerability economy, making bounties and VDPs not worth the cost of maintaining them, instead deploying with low cost, highly effective agents. This will have an effect on the number of people working on security research. - On the other hand, it will also deflate the illicit market for vulnerabilities and reduce the number of zero days in circulation, and make discovery of exploitable vulnerabilities orders of magnitude more expensive for bad actors (who will also be using agents of their own). Companies will measure security in compute. Think: 100 kWs of compute, 100m tokens per day, 150 H100s powering your security program, etc. and can directly attribute better outcomes to increased compute spent on security. Spend becomes more efficient, finding vulns becomes cheaper, discovery happens faster, and overall security posture will increase. We are already measuring outcomes at MindFort this way. The cost of discovering a validated vulnerability used to be measured in 10s of millions of tokens. That is dropping to sub-million tokens on average using our latest agents and our upcoming model, MF-1. My most contrarian view on the topic is that the major AI labs will not win this market. A family of specialized cybersecurity models will win for a few reasons: - Bringing compute in house and inferencing for the lowest cost of vulnerabilities per compute unit - Ability to continuously train on your own security data, increasing that cost efficiency even further - Privacy and security: guaranteeing that model labs will not train on your data Now, while the cost of vulnerabilities will go to zero and AI agents take over continuous testing, this doesn't mean we will need less people in cyber: we will need more. We will need talented security researchers and engineers more than ever to run these programs at every company on earth. Report below: docs.google.com/document/d/13Q…

MindFort is delivering real results for engineering teams. Our agents help the team at Osto ship fast and keep their application secure.

@AISecHub Pretty cool stuff

medusa - AI-first security scanner with 74+ analyzers, 180+ AI agent security rules, intelligent false positive reduction. Supports all languages. CVE detection for React2Shell, mcp-remote RCE. github.com/Pantheon-Secur… What is MEDUSA? MEDUSA is a comprehensive Static Application Security Testing (SAST) tool with 74 specialized scanners covering all major languages and platforms. It features intelligent false positive reduction and 180+ AI agent security rules for the agentic era. Key Features 🔍 74 Specialized Scanners - Most comprehensive coverage available with intelligent selection 🎯 Intelligent FP Filter - Reduces false positives by 40-60% using context-aware analysis 🚨 CVE Detection - React2Shell (CVE-2025-55182), Next.js vulnerabilities, supply chain risks 🤖 AI Agent Security - 180+ rules for MCP, RAG, prompt injection, tool poisoning & more 🏖️ Sandbox Compatible - Works in Codex, restricted environments, and CI/CD pipelines ⚡ Parallel Processing - Multi-core scanning (10-40× faster than sequential) 🎨 Beautiful CLI - Rich terminal output with progress bars 🧠 IDE Integration - Claude Code, Cursor, VS Code, Gemini CLI, OpenAI Codex support 📦 Auto-Installer - One-command installation of all security tools (Windows, macOS, Linux) 🔄 Smart Caching - Skip unchanged files for lightning-fast rescans ⚙️ Configurable - .medusa.yml for project-specific settings 🌍 Cross-Platform - Native Windows, macOS, and Linux support 📊 Multiple Reports - JSON, HTML, Markdown, SARIF exports for any workflow 🎯 Zero Config - Works out of the box with sensible defaults

@flappyairplanes You probably need MindFort

Announcing Flapping Airplanes! We’ve raised $180M from GV, Sequoia, and Index to assemble a new guard in AI: one that imagines a world where models can think at human level without ingesting half the internet.

@Six2dez1 Awesome

Burp AI Agent is now public MCP-powered AI agent (and server) living inside Burp. Instead of a chat next to it, extends itself: tools, actions, live traffic and findings. AIO to reduce context switching while testing Repo: github.com/six2dez/burp-a… Docs: burp-ai-agent.six2dez.com

MindFort goes beyond just discovering vulnerabilities. Introducing: CVSS 3.1 Composite Scoring Because our agents can deeply understand the context of web applications, they are not only great at finding and exploiting vulnerabilities, they are world class at vulnerability prioritization and scoring. MindFort takes into account many factors of an application relative to other vulnerabilities discovered and the application itself to make scoring and prioritization better than ever before. We even provide a coverage map of the OWASP Top 10, so you can understand your application's risk relative to industry standards. Teams report a significant reduction in triage time with MindFort Composite Risk Scoring, which is now generally available in all account tiers.

🚀

@S1r1u5_ @BVeiseh Continuous penetration testing agents. Set it up once, get results weekly

@BVeiseh @mindfort interesting what does it do

cURL closing their Hackerone bug bounty program on HackerOne for obvious reasons: death by thousand slops, slop from both humans and AI-assisted submissions. it is insane to me that companies like HackerOne are still stuck in the past. why aren't cURL, other companies, and FOSS projects setting up environments modeled on their actual threat scenarios and letting researchers hack until they capture a flag? what do you care about cURL security? what is the threat model? you don't want an HTTP request to an untrusted site to result in: 1. a shell on your system 2. info leak 3. DoS that crashes your computer it is all we really care about. PoC || GTFO. read the flag, get paid. don't waste a single second reading anything else. with this you don't even need to spend so much money on running a bug bounty program.

Soon, @mindfort agents will be able to test full standalone APIs. Great for engineering teams building and shipping developer APIs.

Check out a conversation our co-founder @BVeiseh had today on how MindFort is building the best agents for continuous penetration testing.

MindFort ❤️ Railway

Jensen Huang just revealed something chilling about the future of AI and cybersecurity. On the latest episode of Joe Rogan, Jensen gave a stark warning about how today there are already millions of ai agents performing cyberattacks against friendly targets. And that the only way to stop them? Millions of our own agents fighting back. That is our mission at MindFort. To give you your own army of agents that are constantly attacking your targets, looking for a way in before the bad guys do. We don’t take this mission lightly, what we are building is critically dangerous, but we know that this is what is needed to keep the world safe. Super glad to hear Jensen, who goes on at lengeth, talk about both the danger and potential for AI in security. Excellent episode worth a watch. He is a brilliant person.

@_Shark_byte @verialabs @MultifactorCOM @kestrel__ai @gecko_sec @nkoorty 👀

I know for a FACT there are (at least) 3 really cool security startups in YC F25 @verialabs @MultifactorCOM @kestrel__ai do you guys wanna help me make this event a reality 👀 Even past security YC companies like @gecko_sec @nkoorty @mindfort Can sponsor maybe 👀

Had an absolute blast at @OffensiveAIcon yesterday! The speakers were increidble and it was great to catch up with old friends and new ones. Can’t wait for next year! 🌴 @mindfort @AkulGupta30