Gitar comes out of stealth with $9M to build AI agents for code security

With the rise of “vibe coding,” AI agents are generating massive amounts of code within companies, creating a wave of output that many teams are now struggling to manage. This rapid surge is often described as “code overload.” Studies and reports have shown that code generated by AI systems can introduce a range of issues — from bugs to deeper quality concerns — into existing codebases, forcing senior engineers to step in and resolve them before anything can be released to production.

A new startup is now attempting to address this challenge by applying AI to the very problem AI created.

Gitar, founded by Ali-Reza Adl-Tabatabai — who has previously worked at Intel Labs, Google, and Uber — officially came out of stealth on Wednesday, announcing a $9 million funding round. The round was led by Venrock, with participation from Sierra Ventures.

The two-year-old company offers a subscription-based platform that deploys AI agents for a range of code-quality tasks. These include automated code reviews and the management of continuous integration workflows — processes that involve regularly merging and testing code updates to ensure stability and reliability within a codebase. The platform also enables engineering teams to design custom agents that automatically perform security checks and maintenance operations.

Adl-Tabatabai, who serves as CEO, explained that AI-generated code leads to “more code to review, more tests to write, and more CI failures to diagnose.” He described Gitar’s core function as “code validation,” emphasising its role in making sure that software developed within organisations is production-ready. “Generation produces code; validation makes it trustworthy. Gitar is the workflow agent that owns that process, orchestrating reviews, tests, and diagnostics end to end,” he said.

Looking ahead, Adl-Tabatabai believes automation will play an even larger role in the software development lifecycle. Currently, most production-level code still requires human oversight, with engineers reviewing changes to ensure safety and quality. He acknowledges that this process exists for good reason — to prevent faulty or risky code from being deployed.

However, his long-term vision reduces the reliance on manual reviews. He suggests that platforms like Gitar could take over much of this responsibility, allowing teams to move faster while maintaining standards. “We have a validation agent that can automatically ensure that your code is safe to ship, and involves humans only in exception cases,” he said.

Although several companies are already working in the automated code-review space, Gitar aims to stand out by concentrating specifically on post-generation processes. “Most of the market chased code generation. We didn’t,” Adl-Tabatabai noted. “Git is built around what happens after code is written.”

The newly secured funding will support hiring efforts across engineering and product development teams, as the San Mateo-based startup continues to scale its platform and strengthen the infrastructure needed to deliver its services more broadly.