Pixee acts as an autonomous product security engineer: it ingests findings from security scanners, triages them with context from the actual codebase, filters out false positives (the company claims up to 98% noise reduction), and opens production-ready pull requests that fix the real issues. Rather than adding another scanner to the pile, Pixee focuses on the 'last mile' of application security — getting vulnerabilities actually remediated at the speed developers now write code with AI.
Built by Contrast Security veterans
Pixee was founded in 2022 by Surag Patel (former Chief Strategy Officer at Contrast Security) and Arshan Dabirsiaghi (Contrast Security co-founder and prominent AppSec researcher). In May 2025 the Baltimore-based company raised a $15M seed round co-led by Decibel and Wing VC, with participation from TEDCO, PrimeSet and angels including HackerOne CTO Alex Rice.
How it works
Pixee integrates with GitHub, GitLab and Azure DevOps, plugging into existing scanner outputs (SAST, SCA and more). Its fixes are context-aware — the company reports a 76% merge rate on generated fixes — and it can also flag security risks at the design phase, before vulnerable code is written. Pixeebot is free for open-source projects.