The persistent AI agent works inside Slack, builds custom workflows in plain English, and gets smarter over time as it learns an organization’s security environment
New Release Signals Growing Enterprise Interest in AI Systems That Can Handle Day-to-Day AppSec Operations
ZeroPath has launched Zero, a new AI agent designed to work directly within enterprise application security teams and operational workflows. Unlike traditional security chatbots or standalone scanning tools, Zero is designed to stay embedded inside the systems security teams already use every day, including Slack, where it can respond to messages, follow conversations inside security channels, and take action based on internal policies and prior decisions.
The launch comes as many organizations continue struggling with remediation delays, alert fatigue, and growing pressure to manage increasingly complex cloud-native application environments with leaner security teams. The same operational pressure is also influencing how enterprises rethink broader automation strategies across infrastructure, logistics, and decision-making environments, particularly as AI-driven orchestration expands beyond cybersecurity into areas such as digital operations and supply chain intelligence. Many enterprise leaders evaluating long-term operational resilience strategies are increasingly examining how Digital Twin technology and Agentic AI can help reduce manual planning overhead, improve forecasting precision, and accelerate decision-making across distributed environments, with resources such as this Digital Supply Chain Transformation white paper drawing growing attention among organizations looking to modernize operational workflows at scale.
Dean Valentine, CEO of ZeroPath, said the company built Zero to behave less like a passive assistant and more like an operational team member capable of carrying context across workflows.
“Zero is not a chatbot or dashboard,” Valentine said. “It’s a colleague that learns, acts based on policies and prior decisions, and builds workflows in plain English, without any custom development.”
Security Teams Push for More Operational Automation
Over the past year, many security vendors have introduced AI assistants aimed at helping analysts summarize alerts, review code findings, or automate repetitive tasks. What companies are now asking for, however, is something more persistent:
Systems that can stay involved across the full lifecycle of remediation and coordination work.
Zero Designed to Handle Workflow Coordination
According to ZeroPath, the platform can build and manage approval chains, escalation paths, remediation workflows, and policy-driven actions without requiring teams to write configuration logic manually.
The company said the agent gradually adapts to the organization’s internal environment over time, improving recommendations and workflows based on historical activity and remediation outcomes.
Andrea Cappa, Security Lead at Aptos Labs, said one of the more useful aspects during evaluation was the way the platform refined its behavior using real scan data and prior feedback.
“What stood out to me is the self-improvement loop you get on the platform,” Cappa said. “The assistant tunes your custom rules based on scan results, so the setup actually gets sharper over time.”
The emphasis on contextual learning reflects a larger movement inside enterprise security operations, where teams increasingly want systems that understand internal workflows instead of simply generating more alerts.
Vendors Shift Focus From Detection Alone to Operational Execution
The release of Zero also highlights how competition inside the application security market is starting to move beyond vulnerability discovery itself.
AI Platforms Expand Into Remediation Management
According to ZeroPath, the system can automatically coordinate response activities when critical vulnerabilities emerge. That includes drafting pull requests, routing notifications to developers, tracking remediation deadlines, and escalating unresolved findings when SLA thresholds are missed.
In one example shared by the company, Zero can escalate unresolved critical findings directly to executive leadership with supporting context explaining what actions were already taken, who was notified, and why remediation remains incomplete.
The company also said the platform proactively monitors newly disclosed CVEs tied to organizational dependencies and can begin preparing remediation workflows automatically instead of waiting for security teams to initiate the process manually.
That operational approach reflects a broader reality facing many AppSec teams today. Security programs often span multiple disconnected systems – ticketing platforms, developer tools, scanning engines, collaboration channels, governance workflows, and reporting dashboards – creating coordination overhead that slows remediation efforts.
AI-native workflow systems are increasingly being positioned as a way to reduce some of that operational friction.
Reducing False Positives Remains a Major Priority for Enterprise AppSec
Alongside the launch of Zero, ZeroPath also announced additional platform updates aimed at improving finding accuracy and workflow accessibility.
ZeroPath Expands Its Broader AI-Native Security Platform
Among the additions were SAST V2, which the company said is designed to reduce false positives, and Preconditions, a reasoning layer intended to expose the assumptions behind vulnerability findings more clearly.
ZeroPath also introduced MCP, which allows platform functionality to operate inside external enterprise tools, along with Custom Reports aimed at helping CISOs and security leaders communicate remediation progress and security posture more efficiently.
False positives continue to remain one of the largest operational pain points across enterprise application security programs, particularly as organizations scale development pipelines and cloud-native environments.
For many security leaders, the challenge is no longer simply finding vulnerabilities. It is determining which findings actually matter, coordinating remediation across teams, and keeping pace with increasingly complex software delivery environments without overwhelming already stretched security staff.
As AI becomes more deeply embedded inside enterprise security operations, vendors are increasingly being evaluated not only on detection capability, but also on how effectively they can reduce operational workload and integrate into the environments where security teams already spend most of their time.
Research and Intelligence Sources: zeropath
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
