Data Theorem Launches the Industry's First Closed-Loop AI Security Platform

News provided by

Data Theorem, Inc.

Jun 30, 2026, 08:00 ET

AI Exploits, AI Auto-Remediation, and AI Active Protection deliver continuous protection from exploit discovery to runtime defense for the enterprise AI era.

PALO ALTO, Calif., June 30, 2026 /PRNewswire/ -- Data Theorem, Inc., a leading provider of modern application security, today announced three new AI security capabilities: AI Exploits, AI Auto-Remediation, and AI Active Protection, all without the need for source code. Together they form a closed-loop platform spanning exploit discovery, remediation, and runtime defense. These capabilities are built for the security teams now responsible for every AI-generated exploit and attack reaching their applications.

Enterprise demand for application security is climbing fast. According to the Gartner® Magic Quadrant™ for Application Security Testing, "The AST market is projected to reach $5.1 billion in 2025, continuing a trend of rapid expansion."¹ That growth tracks a basic shift in how software is built: enterprise applications now run on AI, and AI brings a class of risk that traditional security tools were never designed to handle. Most security conversations now begin with the same question, "Which exploitable attack chains are inside our applications right now?" Few teams can answer it.

Data Theorem's platform follows a three-step loop built on the company's decade of Application and API security experience: discover every exploitable attack chain, automatically remediate the riskiest findings, and protect applications at runtime. The three AI security capabilities announced today each own one stage of that loop.

"The attack surface changed the moment the first AI-discovered zero-day went live. Attackers can now use AI to chain exploits faster than any engineering team can patch them. The answer is a platform that can find the exploitable chains, automatically fix them, and enforce guardrails at runtime, at scale. That's what we're shipping today for all customers."
Doug Dooley, COO, Data Theorem

AI Exploits: Find the Exploit Chain. No Source Code Required.

Frontier models have made source-code exploit discovery dramatically more accessible, yet production applications rarely arrive with complete, perfectly reconstructable sources. AI Exploits closes that gap. It performs AI-powered exploit-chain discovery against running applications, drawing on reverse-engineering, dynamic, static, and binary analysis as needed, so it can chain exploits at runtime without requiring source code.

This is Data Theorem's newest innovation. Where frontier-model exploit chaining generally depends on source code, AI Exploits works against the production-grade application as it runs, which customers value because supplying all of the right sources to faithfully reconstruct a live application is frequently impossible. Built on Data Theorem's award-winning Analyzer Engine, AI Exploits has delivered a measurable improvement in runtime exploit chaining, complementing the source-code exploit discovery being advanced by frontier models.

That foundation matters, because pointing a raw LLM at a code repository is both expensive and unreliable. Gartner makes the point directly in its Innovation Insight for Agentic Application Security Testing: "The design of the agentic AST harness matters more than the strength of the LLM for vulnerability discovery."³ The same report cautions that "token consumption with frontier LLMs makes agentic AST significantly more expensive than traditional static analysis, with long-term pricing models still maturing."³ Data Theorem's harness is engineered to deliver accurate, reachable findings while holding token costs down, so customers get the benefit of LLM reasoning without the waste of naive code scanning.

Key capabilities:

  • Chains attack primitives to simulate real-world breaches
  • Pinpoints exploitable vulnerabilities, not just theoretical risks
  • Reverse engineers compiled apps without source code

AI Auto-Remediation: From Critical Exploit to Closed, Automatically.

Detection is no longer the hard part; what happens after the new exploit-chain lands is. AI Auto-Remediation triages the most critical exploits and vulnerabilities and drives them toward an automatic fix, with no human required in the loop. Most enterprises will still prefer to keep a human in the loop to review and approve changes to their most critical application code, and that remains fully supported. For teams that want the loop closed end to end, Data Theorem provides the mechanism to fix the code automatically and push the change to the production cloud as quickly as possible to prevent data breaches.

We believe Gartner research underscores why this matters now. According to the Gartner® report First Take: With Claude Mythos Preview, Anthropic Shows That Creating Exploits Is Easier Than Creating Fixes, "As LLM-driven exploits become easier with models like Claude Mythos, cybersecurity leaders must speed up patching and scale their roadmap efforts, moving faster toward autonomous exposure remediation."² AI Auto-Remediation is Data Theorem's answer to that mandate.

Key capabilities:

  • Continuous scan and patch engine for open-source supply chains
  • Reduces zero-day vulnerability exposure times from days to milliseconds
  • Developer-first CLI workflows and APIs built for LLM-driven remediation

AI Active Protection: Block Attacks. Not Just Alerts.

When an application or API is under attack, posture management does not help. AI Active Protection extends Data Theorem's existing API Protect and Mobile Protect runtime SDKs already deployed in enterprise production today. Organizations get guardrails, runtime protection, and automated remediation without a new architecture or a lengthy integration project. As AI-augmented cyber attacks learn to chain exploits and operate at scale, runtime defenses have to keep up, and AI Active Protection is built to meet them.

The numbers make the case for runtime defense. The same Gartner report notes, "Fewer than 1% of the potential vulnerabilities Anthropic has discovered using Mythos Preview have already been fully patched by their maintainers. Over 99% of vulnerabilities Anthropic has discovered using Mythos have not been patched, and have not been disclosed to the public."² When fixes cannot keep pace with discovery, compensating controls at runtime carry the load. And because every OWASP LLM Top 10 risk, from prompt injection to unbounded consumption, has an API attack vector, Data Theorem's existing API security engine is a natural place to enforce them.

Underpinning all of this is Data Theorem's award-winning Analyzer Engine, the same harness that drives the company's discovery, testing, and protection AI security capabilities.

Shipping today:

  • AI-driven attack path mapping and LLM-abuse detection
  • Runtime protection, AI-scraping and behavioral detection at scale
  • Memory-scraping, prompt-injection, and data-exfiltration defense

Availability

AI Exploits, AI Auto-Remediation, and AI Active Protection are available now to all customers. AI Active Protection runtime SDKs are shipping and deployed in customer production environments today. For more information, visit www.datatheorem.com/solutions/ai-security.

¹ Gartner, Inc. "Magic Quadrant™ for Application Security Testing," Jason Gross, Mark Horvath, Giles Williams, Shailendra Upadhyay, Dionisio Zumerle, Aaron Lord. October 6, 2025. ID G00795930.
² Gartner, Inc. "First Take: With Claude Mythos Preview, Anthropic Shows That Creating Exploits Is Easier Than Creating Fixes," Jeremy D'Hoinne, Dionisio Zumerle, Dennis Xu, Charlie Winckless. April 21, 2026. ID G00853958.
³ Gartner, Inc. "Innovation Insight for Agentic Application Security Testing," Dionisio Zumerle. June 5, 2026. ID G00856894.

Gartner and Magic Quadrant are a trademark of Gartner, Inc. and/or its affiliates.

Media Contact
Sophia Jacob  |  Data Theorem, Inc.
[email protected]  |  (415) 763-7331

About Data Theorem
Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world. For more information, visit www.datatheorem.com.

SOURCE Data Theorem, Inc.

21%

more press release views with 
Request a Demo

Also from this source

Data Theorem Ranked #1 for Cloud-Native Use Case in the 2025 Gartner® Critical Capabilities for Application Security Testing Report

Data Theorem Ranked #1 for Cloud-Native Use Case in the 2025 Gartner® Critical Capabilities for Application Security Testing Report

Data Theorem, Inc., a leading provider of modern application security testing and protection solutions for cloud-native, web, mobile, and API-based...
Data Theorem Recognized in the 2025 Gartner® Magic Quadrant™ for Application Security Testing

Data Theorem Recognized in the 2025 Gartner® Magic Quadrant™ for Application Security Testing

Data Theorem, Inc., a leading provider of modern application security testing and protection solutions for cloud-native, web, mobile, and API-based...
More Releases From This Source

Explore

Artificial Intelligence

Artificial Intelligence

The Latest Artificial Intelligence News

The Latest Artificial Intelligence News

Computer & Electronics

Computer & Electronics

High Tech Security

High Tech Security

News Releases in Similar Topics