Application Security,
Artificial Intelligence & Machine Learning,
Next-Generation Technologies & Secure Development
Startup Leverages AI Agents for Enhanced Security and Development Efficiency
A startup founded by a former product leader from Dazz and Hysolate has emerged from stealth mode to automate and enhance product security tasks for enterprise development teams. Clover Security, based in New York, has raised $36 million from Notable Capital and Team8 to transition product security from a reactive, scanner-based model to a proactive, AI-driven approach.
Co-founder and CEO Alon Kollmann emphasized that the company’s core innovation lies in shifting security measures upstream, embedding them in the design phase before any code is written. This proactive method allows security teams to engage with development earlier and more effectively, helping to alleviate the repetitive manual tasks that have historically burdened them. As Kollmann noted, these tasks often include reviewing documentation and providing training to developers about security matters.
The company, established in 2023 and currently employing 54 individuals, aims to provide solutions that go beyond traditional scanning methods, which Kollmann described as insufficient in today’s fast-evolving technological landscape driven by AI. “Every tool that security teams had was super reactive,” he stated, stressing the need for a shift towards a design-focused approach that fosters collaboration with developers.
Limitations of Conventional Product Security Practices
Conventional product security strategies rely on scanning code or infrastructure post-development, a practice Kollmann argues is no longer sustainable amidst the rapid pace of AI-accelerated development. Clover’s solution seeks to engage security measures earlier in the design process, ensuring security considerations are integrated from the outset.
To this end, Clover plans to enhance its existing agents, particularly in complex areas like code analysis, and develop new agents to further automate the security pipeline. The company is strategically focused on expanding its reach among larger enterprises while improving customer acquisition and bolstering existing relationships through enhanced product offerings.
As organizations adopt AI technologies more rapidly, they face increasing complexity in software development. In response, Clover employs AI agents designed to lighten the load for security teams, automating many of their responsibilities while ensuring a focus on product security and security architecture.
Streamlining Design and Architecture Reviews
Historically, design and architecture reviews required gathering fragmented data from various sources, a cumbersome process for development teams. Clover’s AI agent automates the aggregation and analysis of this information, highlighting security threats and providing actionable recommendations to developers. “The agent was a natural fit, as many organizations already struggled with these reviews,” Kollmann commented, linking the initial success of the agent to the streamlined efficiency it offers.
Nonetheless, the integration of AI tools like GitHub Copilot presents its own challenges, introducing potential vulnerabilities into the development process. To counteract this risk, Clover has developed a specialized agent that works seamlessly with such tools to enforce security protocols and recommend secure coding practices in real time.
The platform’s architecture is modular, enabling Clover to introduce new agents rapidly without reinventing their infrastructure. This shared backend system allows for feature expansion while simplifying onboarding for customers, as they can benefit from each agent’s rollout without needing repeated integrations.
In summary, Clover Security is on a mission to redefine product security practices by infusing AI-driven solutions that not only enhance security measures but also streamline processes for development teams struggling to keep pace with the demands of modern software development.
