Checkmarx has acquired Tromzo, a leader in AI-native autonomous security agents, in a strategic move to accelerate the delivery of reasoning-based application security. The acquisition integrates Tromzo’s cognitive architecture into the Checkmarx One platform, aiming to empower enterprises with AI agents that can autonomously understand risk and drive remediation across complex software ecosystems.
Quick Intel
Checkmarx acquires AI-native autonomous security agent pioneer Tromzo to advance agentic AppSec.
The deal integrates Tromzo’s reasoning-based cognitive architecture into the Checkmarx One platform.
Tromzo’s founders and entire AI engineering team will join Checkmarx’s product organization.
The union addresses the security challenge of 60% of code now being AI-generated.
New AI agents powered by Tromzo’s technology will launch under the Checkmarx Assist family in early 2026.
The goal is to provide autonomous, continuous protection for all code, whether legacy, human-created, or AI-generated.
The acquisition directly responds to the rapid transformation of software development, where Checkmarx research indicates 60% of code is now AI-generated. Traditional, manual security gating processes are unable to scale with this pace, creating bottlenecks and leaving vulnerabilities unaddressed. By integrating Tromzo’s technology, Checkmarx accelerates its path toward autonomous AppSec, where AI agents can continuously reason across code, deployment artifacts, and business context to identify and remediate the risks that matter most.
Tromzo’s core differentiation is its platform built on a true cognitive architecture, designed for enterprise-grade reasoning. Its agents analyze data to drive high-confidence triage and remediation aligned with specific enterprise risk models. This intelligence layer will become central to the Checkmarx One platform and will power new agents within the expanding Checkmarx Assist family, beginning with releases scheduled for early 2026. The first such agent, Developer Assist, already provides real-time guidance within popular IDEs.
The transaction includes the integration of Tromzo’s founders, Harshil Parikh and Harshit Chitalia, and their entire AI engineering team into Checkmarx. This union combines Tromzo’s specialized expertise in reasoning-based security agents with Checkmarx’s enterprise scale, market reach, and comprehensive application security platform. “By combining our deep reasoning agents with Checkmarx’s reach, scale, and market leadership, we’re delivering the only solution that lets enterprise security teams move fast with enterprise-grade control,” said Parikh.
The acquisition of Tromzo marks a definitive step in the evolution of application security from a manual, gate-keeping function to an autonomous, intelligent partnership. Checkmarx is positioning its enhanced platform to be the foundational security layer that enables organizations to adopt AI-driven development with confidence, ensuring continuous protection from code creation through deployment.
About Checkmarx
Checkmarx is the leader in agentic application security, delivering enterprise-grade protection while lowering engineering costs and accelerating development velocity. The Checkmarx One platform scans trillions of lines of code each year for companies, cutting vulnerability density by more than half. Its autonomous security agents detect and counter AI-driven threats across the SDLC, providing prevention-first protection for legacy, modern, and AI-generated code at enterprise scale.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.