Swedish application security platform Detectify has launched an MCP Server that plugs its security testing engines directly into AI coding workflows — letting the same agents that write code find, validate, and fix the vulnerabilities they introduce.
The launch addresses a problem AI created for itself. As agents increasingly write, refactor, and modernize code autonomously, software is being produced faster than security teams can review it. AI-assisted development eliminates some classic mistakes, but it multiplies the volume of services, APIs, and infrastructure that must be continuously secured — a visibility and governance gap that grows with every sprint.
Built on the Model Context Protocol — the open standard Anthropic released in late 2024 that has become the default way agents talk to external tools — the Detectify MCP Server offers three core capabilities. “Find & Fix” automation lets AI agents receive remediation tasks, generate patches, trigger Detectify validation scans, and present verified fixes for human review. Conversational command allows developers to query scan results, monitor asset status, and surface high-severity findings in natural language. And a lightweight setup connects an organization’s preferred AI tools to the remotely hosted server without integration projects.
The differentiator Detectify leans on is validation: rather than an agent declaring its own patch safe, the fix is verified by Detectify’s testing engines — built, as the company puts it, by hackers — before a human signs off.
The release is part of a broader pattern: security vendors racing to make their tooling agent-native as the industry accepts that AI-written code is no longer the exception but the pipeline. For teams already running coding agents, the pitch is simple — close the loop, or ship the vulnerabilities.
