Skip to main content

Zast

Category: AI in Cybersecurity

An AI-powered code security platform that utilizes autonomous agents to identify, verify, and prove software vulnerabilities with a 'zero false positive' guarantee. Zast was founded in 2024. The company is led by Geng Yang. Based in Bellevue, USA. Team size: 11-50. Total funding raised: $10.0M. Latest round: Pre-A (Jan 2025). Key investors include Hillhouse Capital.

Founded
2024
Headquarters
Bellevue, USA
Team size
11-50
Total funding
$10.0M

Value proposition

Eliminates 'alert fatigue' and reduces security assessment costs by providing fully verified, exploit-proven vulnerability reports, allowing developers to focus on immediate fixes rather than manual triage.

Products and solutions

ZAST Platform: Enterprise-grade autonomous vulnerability research and assessment engine., ZAST Express: An open-source IDE extension (compatible with VS Code and Cursor) for real-time, PoC-verified security feedback., Automated PoC Generation Engine: A proprietary system that creates Proof-of-Concept exploits to verify vulnerability existence., Autonomous Vulnerability Research Agent: An AI agent capable of discovering zero-day vulnerabilities at scale.

Unique value

The platform bridges the 'semantic gap' in code analysis by not just flagging potential risks, but autonomously generating and executing Proof-of-Concept (PoC) exploits to prove exploitability, achieving a breakthrough zero-false-positive standard.

Target customer

Enterprise security engineering teams (AppSec/DevSecOps), Fortune Global 500 companies, and large-scale open-source project maintainers.

Industries served

Cybersecurity, Software Development (DevSecOps), Enterprise Information Technology, Financial Services, Cloud Computing

Technology advantage

Combines AI-native Static Application Security Testing (SAST) with Automated Exploit Generation (AEG). This allows the system to identify complex semantic-level vulnerabilities (such as IDOR and privilege escalation) that traditional scanners often miss or bury in noise.

How they differentiate

Guarantees 'zero false positives' by autonomously generating and executing Proof-of-Concept (PoC) exploits to verify vulnerabilities rather than just flagging potential risks.

Main competitors

Snyk, Checkmarx, Grit.io

Key partnerships

Hillhouse Capital (Lead Investor), VulDB (Vulnerability database collaboration for zero-day disclosures), Major Global Technology Companies (Serving as early-adopter enterprise clients), Open-source community (Integration with popular IDEs and security research platforms)

Notable customers

Fortune Global 500 Companies (Undisclosed)

Major milestones

Founded in 2024 to solve 'alert fatigue' in security engineering., Launched Zast Express, an AI-powered IDE extension for real-time PoC-verified security feedback., Secured $6M Pre-A funding led by Hillhouse Capital in January 2025., Achieved nearly $10M in total funding within the first year of operation.

Growth metrics

Actively serving multiple Fortune Global 500 companies; team size estimated between 11-50 employees.

Market positioning

AI-native disruptor in the Application Security Testing (AST) and DevSecOps market.

Geographic focus

North America (Headquartered in Bellevue, WA) with a global focus on Fortune 500 enterprises.

Patents and IP

Proprietary 'Automated PoC Generation + Automated Validation' technical architecture; specific registered patent numbers are not publicly disclosed as of early 2026.

About Geng Yang

Geng Yang is a security researcher and technology leader with extensive experience in the intersection of AI and cybersecurity. Prior to founding Zast, he was the Co-founder and CEO of Entropool Inc. He has a strong technical background as a Security + AI tech lead and is a graduate of the University of Southern California (USC).

Official website: