Harness, the AI DevOps Platform™ company, announced it has acquired Qwiet AI, formerly known as ShiftLeft, Inc., a leader in agentic AI-powered vulnerability detection and reachability analysis, effective September 26, 2025. This acquisition builds on the March 2025 merger with Traceable and comes as the company’s application security business is projected to reach $50M in ARR this year.
Closing the Security Gap in AI Code Generation
Software development is accelerating at an unprecedented rate, fueled by AI coding tools and practices such as “vibe coding” that lower the barrier to writing code. But speed comes at a cost: AI-generated code often inherits insecure patterns, omits safeguards, and can introduce fabricated dependencies, fueling a surge of hidden vulnerabilities. Security teams are already overwhelmed by alerts – most of which are low-value or false positives – wasting time on the wrong problems while critical risks slip through. The gap between innovation and security is widening, and enterprises are left struggling to scale AI with the confidence that compliance and speed can keep pace.
Harness + Qwiet AI: The Future of Application Security in the AI Era
Together with Qwiet AI, Harness is deepening its investment in application security for the AI era and reinforcing its vision for the future of software development – one where security and speed go hand in hand.
“AI-generated code is transforming how software gets built, but it’s also introducing a new wave of hidden vulnerabilities,” said Jyoti Bansal, co-founder and CEO of Harness. “With Qwiet AI, we’re extending our robust application security portfolio to secure code from the very first step. By unifying security and DevOps, every build, test, and deployment can be secure by default – reducing risk while accelerating innovation. It’s a game-changer for enterprises that want to move fast and stay secure.”
Also Read: Nasdaq and AWS to Advance Capital Markets and Banking Infrastructure Across the Financial System
Qwiet AI’s advanced Code Property Graph (CPG) technology is integrated with the Software Delivery Knowledge Graph, which powers Harness AI. Combined with Traceable runtime data, this brings deeper application awareness and precision to vulnerability detection. Instead of overwhelming teams with noise, these capabilities spotlight the risks that truly matter, helping developers remediate faster and security teams spend more time driving innovation. Together, they enable organizations to:
- Quiet alert noise: Qwiet AI’s industry-leading 97% true positive rate and 90% false positive reduction ensure developers are only alerted to real vulnerabilities.
- Reduce developer toil: CPG builds deep application awareness and enables 95% faster remediation, helping developers fix real issues faster than ever before.
- Focus where it matters: Advanced reachability analysis cuts through 92% of open source vulnerabilities to prioritize developers’ attention on what is actually exploitable.
- Understand real application risk: Combining deep code understanding with production shows which vulnerabilities are actually exploitable, so developers can focus on the risks that matter most.
“At Qwiet AI, we’ve always believed that developers deserve security that matches their speed,” said Stuart McClure, CEO of Qwiet AI. “Our technology was built for the future of AI-driven development, and Harness provides the platform and scale to bring that vision to life. Together, we can help enterprises turn security into a true driver of innovation.”
“With AI producing code at unprecedented speed, enterprises need security practices that can match the new pace of development,” added Katie Norton, Research Manager for DevSecOps at IDC. “This is accelerating demand for security testing built directly into DevOps platforms, where it can be adopted quickly, scaled easily, and managed without added integration burden. Harness‘s acquisition of Qwiet AI reflects this shift and can help enterprises adopt AI-driven coding while ensuring innovation and security advance together.”
Source: PRNewswire