Pixee: Fixing Code Security, One Pull Request at a Time
At Wing, we’re always looking for founders solving foundational problems in bold, scalable ways. Code security has long been one of the thorniest challenges in software development. Today, we’re thrilled to announce our investment in Pixee, a company resetting how code security is handled—by shifting the focus from alerts to resolution.
The Problem: Alert Fatigue and the Security Productivity Gap
Most code security tools today generate findings but it is challenging to translate these findings into value. Developers are flooded with alerts, many of which are false positives. Even when a real issue is flagged, fixing it often requires security expertise that’s in short supply. The result? Long backlogs, unresolved vulnerabilities, and a growing tension between security and engineering.
Meanwhile, GenAI has transformed how developers write code—boosting velocity—but has done little to address the security burden it creates. Faster code means faster vulnerabilities. And in too many organizations, security teams are already underwater.
Pixee’s Approach: Resolution, Not Just Detection
Pixee solves this last mile of AppSec with an AI-powered platform that automatically triages and remediates vulnerabilities at scale—directly inside the developer’s existing workflow.
It’s not another scanner. Pixee integrates with the scanning tools companies already use, then applies agentic AI and deterministic techniques to deeply understand the issue, fix the code, and open a ready-to-merge pull request. No more “assign to developer.” No more manual triage. Just safe, automated, production-ready security fixes—delivered as code.
Pixee’s early enterprise adopters are already seeing results:
That’s not just automation—that’s transformation.
Why We Invested
We were impressed by Pixee’s founding team from the moment we met. Surag P. and Arshan Dabirsiaghi spent years working together at Contrast Security. Surag brings deep go-to-market and product strategy experience while Arshan is one of the most respected minds in AppSec, co-founder of Contrast and a legendary security engineer in his own right.
Pixee is addressing a massive, underserved need - that GenAI powered code gen is only exacerbating - with a product that developers actually want to use and trust. We believe their approach represents a fundamental shift in how code security will be managed in the future—from bottleneck to background task, from alert fatigue to auto-fix confidence.
What’s Next
We’re excited to support Pixee alongside Decibel Partners and a stellar group of angel investors.
As AI continues to reshape software development, Pixee is ensuring that security keeps pace. We’re proud to be backing a team that’s not only making code safer—but making developers more productive in the process.
To learn more or try Pixee, visit pixee.ai
Security issues in PRs are non-negotiable. If you want every finding—Snyk, Veracode, CodeQL, Black Duck, Checkmarx, Sonar—flagged and fixed before merge, automate it. Hikaflow does this out of the box: auto-reviews every PR, surfaces vulnerabilities, and gives you a real-time dashboard of code health. No more missed SQL injections, resource leaks, or outdated TLS. You get clean, secure code and a team that moves fast without breaking things.
Great news, excited to see how Pixee grows with your partnership Jake!
It's about time we give AppSec teams their Cursor/Windsurf/Codex equivalent. 🙌 I can't wait to see the day when we stop talking about understaffed security teams. Thanks for your support Jake and team Wing Venture Capital.