Writer: Jordan Sprogis
Editor: Lillian Castro
Reviewer: Cristian Lopez
- Two leading platforms announced they’re merging to create an AI-powered DevSecOps solution that integrates software delivery and security »
- Traceable CTO Sanjay Nagaraj noted the rise of AI-generated code has intensified the need for these types of advanced security solutions »
- Harness will leverage agentic AI to proactively secure every stage of the software development life cycle, going beyond traditional monitoring and detection »
Harness, a software delivery platform, and Traceable, an application security platform, announced they are joining forces to become a single entity that offers a more advanced, comprehensive, and AI-native DevSecOps solution.
Harness and Traceable are owned by BIG Labs, a San Francisco-based technology startup studio founded by Jyoti Bansal, who is the CEO and Co-Founder of both companies. In the blog post announcement made on February 10, Bansal wrote:
“For our customers, this means DevOps and application security are now seamlessly integrated into one platform. They’ll be able to get the best of both offerings, improving the speed and efficiency of software delivery while ensuring that application security is built into every step of the development lifecycle, from design to runtime.”
Harness was founded in 2017 to streamline and automate the software delivery process with a focus on CI/CD. Traceable came later in 2020, with the intention to address the growing concerns around application security, allowing businesses to detect vulnerabilities early in the development process.
Sanjay Nagaraj, Co-Founder and CTO of Traceable, said the merger was a long time coming — even before its leaders realized it.
“For the past few years, almost every time we would go into a conversation with a customer, they used to say, if it was a Harness call, ‘Can we reserve 15 minutes to talk about Traceable?’ and vice versa,” Nagaraj told us. “So, our customers saw us coming together even before we started laying out the initial plans.”
Once the merger is complete and the new platform is ready for use, Nagaraj will take on the role of General Manager of Harness’ Application Security business. He shared that he’s excited to “bring the much-needed next-generation DevSecOps platform to the market and set the new standard for fast and secure software delivery.”
The Rise of AI-Generated Code
AI-generated code is becoming more common in the software that powers many industries. As organizations increasingly rely on AI to develop complex applications, such as code, the need to secure each step of the software and app development processes also heightens.
“The influx of AI-generated code over the last few years has only amplified the need for solutions to help developers and security operations centers (SOCs) balance velocity with security,” said Nagaraj. “Unfortunately, many enterprises still rely on traditional security approaches focusing solely on network and infrastructure protection. As a result, we’re continuing to see API breaches in the headlines almost daily.”
It’s no exaggeration. The Traceable research team found that 57% of organizations had an API-related breach in the past two years, with almost three-quarters facing three or more incidents.
With this in mind, the leaders realized that combining developer operations and application security gives organizations better visibility into the entire software life cycle.
“This is why we brought Harness and Traceable together — to power the next wave of AI agentic workflows that optimize and secure every stage of the software delivery process,” said Nagaraj. “Leveraging this, organizations gain a competitive edge in the fast-paced and dynamic landscape.”
Agentic AI: The Decision-Making Agent
Many experts in the AI space believe agentic AI is the next stage that will soon become an integral part of daily life. Compared to the genAI available in most applications and tools now, agentic AI is a more advanced, sophisticated tool that actively understands and monitors patterns and behaviors.
One of those experts who sees agentic AI as “the next big thing” is Andre Reitenbach, CEO at Gcore.
“What distinguishes agentic AI is the capability to make autonomous decisions when performing tasks on behalf of a user. As opposed to running on a continual series of prompts, the AI agent can take over the central role of reasoning and problem-solving from a single set of instructions,” Reitenbach explained.
In the new Harness platform, Nagaraj said agentic AI will be able to identify security risks actively, adapt to changing patterns, and protect systems proactively.
Agents are, of course, only as powerful as the data behind them. Bansal emphasized Harness has built a library that combines insights into how apps are built, tested, and delivered with Traceable’s expertise in API usage and security.
Together, this data creates what Bansal calls a “multiplier effect,” which takes native, agentic workflows to “the next level.” That next level, of course, is a streamlined and secured end-to-end software delivery experience.
Nagaraj said Harness has more in the pipeline: “One of our priorities in the next 12-18 months will be to rethink traditional components such as web application firewalls (WAFs) to make them more data-focused, leveraging our observability and contextual data capabilities.”
This will include more dynamic bot defense methods — not just for APIs but also for web applications and genAI systems, such as creation tools or models that are typically susceptible to bot attacks.
