Apiiro Launches AutoFix AI to Fix Design and Code Risks

Apiiro introduces AutoFix AI Agent to auto-remediate code and design risks in IDEs using runtime context, enhancing secure software development.

August 4, 2025
Jordan Smith

Apiiro launches AutoFix AI Agent to auto-remediate code and design risks in integrated development environments (IDEs) using runtime context, bridging AI coding and secure development. Agentic application security platform Apiiro is debuting AutoFix AI Agent, an industry-first AI agent that automatically fixes design and code risks using runtime context.

Meeting developers where they are through MCP connection

The tool operates within a developer’s IDE without requiring plug-ins, leveraging a remote Model Context Protocol (MCP) connection.

“We’re meeting developers where they are – in their IDEs with deep code-to-runtime context – and giving them the secure path forward without slowing them down,” said Moti Gindi, Chief Product Officer at Apiiro. “It’s about empowering developers to fix risks and not vulnerabilities – in real time, with the runtime context, software architecture, and organization policy.”

Apiiro highlights the rise of AI coding assistants like GitHub Copilot, Gemini Code Assist, and Cursor as a key driver for this tool. These assistants often operate with limited or no runtime context and lack governance by existing security tools, which can lead to vulnerabilities, unvetted technologies, business logic risks, and code that bypasses organizational security policies and architectural standards.

Risks found in AI-generated code

According to the Center for Security and Emerging Technologies (CSET) at Georgetown University’s Walsh School of Foreign Service, up to 50% of AI code assistants generate code containing vulnerabilities, with 10% of those being actively exploitable and having real business impact. CSET states that large language models (LLMs) and AI systems generating code pose direct and indirect cybersecurity risks, including insecure code generation, vulnerability to attacks and manipulation, and downstream impacts such as feedback loops affecting future AI training. “Evaluation benchmarks for code generation models often focus on the models’ ability to produce functional code, but do not assess their ability to generate secure code, which may incentivize a deprioritization of security over functionality during model training,” the report notes.

Tool built for scale and reliability

The AutoFix AI Agent scales expertise across development teams by automatically generating threat models for risky feature requests before code is written. It fixes static application security testing (SAST), software composition analysis (SCA), secrets, and API security findings. The agent uses unique runtime context to make precise, risk-based decisions based on an organization’s software architecture, security policies, business impact, and risk acceptance lifecycle.

“AI code assistants represent one of the most transformative productivity tools of our lifetime. But by focusing solely on code, they lack context – missing critical signals like security policies and standards, compensating controls, and business risk,” said Idan Plotnik, Co-founder and CEO of Apiiro. “This disconnect introduces significant risk to enterprises, as ungoverned AI coding tools are adopted faster than application security teams can keep up. Our AutoFix AI Agent doesn’t just detect issues – it intelligently fixes them using the same contextual understanding and organizational knowledge that application security and risk management teams rely on to make informed decisions.”

The AutoFix AI Agent leverages data from Apiiro’s platform, which maps software architecture across all material changes, powered by Deep Code Analysis (DCA), Code-to-Runtime matching, and the Risk Graph engine. Core capabilities include:
  • AutoFix: Automatically fixes design and code risks with runtime context.
  • AutoGovern: Enforces policies, standards, and secure coding guardrails automatically.
  • AutoManage: Automates risk lifecycle management measurement across the software development lifecycle (SDLC).

“In a world where AI generates code, no software should ship without an AI AppSec agent securing it,” said Plotnik. “We’re enabling security teams to unlock full developer productivity while automatically fixing the most critical risks to the business.”

Source: Originally published at Channel Insider on August 4, 2025.

Frequently Asked Questions (FAQ)

What is AutoFix AI Agent?

AutoFix AI Agent is an AI-powered tool developed by Apiiro that automatically identifies and fixes design and code risks within a developer's Integrated Development Environment (IDE) by utilizing runtime context.

How does AutoFix AI Agent integrate with developer workflows?

The agent operates directly within the developer's IDE without requiring any plug-ins, connecting remotely via a Model Context Protocol (MCP). This allows it to provide immediate feedback and remediation without disrupting the developer's workflow.

What are the risks associated with AI-generated code?

According to research, a significant portion of AI-generated code can contain vulnerabilities, some of which are actively exploitable and can have a substantial business impact. These risks stem from AI models prioritizing functionality over security during training and the potential for manipulation of AI systems.

How does AutoFix AI Agent differ from other AI coding assistants?

Unlike many AI coding assistants that lack runtime context and governance, AutoFix AI Agent uses this information to make precise, risk-based decisions aligned with an organization's specific software architecture, security policies, and business impact.

What types of security findings can AutoFix AI Agent address?

The agent can automatically fix findings related to Static Application Security Testing (SAST), Software Composition Analysis (SCA), secrets management, and API security.

What are the core capabilities of Apiiro's AutoFix AI Agent?

Its core capabilities include AutoFix (automatic risk remediation), AutoGovern (enforcement of policies and guardrails), and AutoManage (automation of risk lifecycle management).

Crypto Market AI's Take

The launch of Apiiro's AutoFix AI Agent highlights a critical trend in modern software development: the increasing need to integrate security seamlessly into the AI-assisted coding process. As AI coding tools become more prevalent, the potential for introducing new vulnerabilities increases. Solutions like AutoFix AI Agent are essential for bridging the gap between the rapid pace of AI-driven development and the imperative for secure, reliable software. This aligns with our platform's focus on leveraging AI for market intelligence and strategic decision-making within the cryptocurrency space, where speed and security are paramount. Our own AI agents are designed to analyze market trends, identify potential risks, and provide actionable insights, mirroring the proactive security approach Apiiro is bringing to code development.
