Gitar raises $9 million to put AI agents on code review, CI, and security gates

Gitar, a San Mateo startup founded by Ali-Reza Adl-Tabatabai, is emerging from stealth with $9 million in funding led by Venrock, with Sierra Ventures participating. Its pitch is straightforward: use AI less to write code and more to validate the code teams already have.

That may be the better business.

Any serious engineering org in 2026 is dealing with the same shift. AI assistants can spit out pull requests, test updates, dependency bumps, and half-finished refactors all day. Writing code got cheaper. Deciding whether it should be merged did not.

Gitar wants to sit in that bottleneck. Its platform uses agents to run code reviews, manage CI workflows, and handle security and maintenance tasks. Teams can also define custom agents that work inside their repos and pipelines.

Adl-Tabatabai summed up the company’s pitch to TechCrunch this way: “Generation produces code; validation makes it trustworthy.” The point lands because it names a real gap in current AI tooling. Most products help create output. Far fewer help decide whether that output should ship.

Why this timing works

The past two years were dominated by generation. Copilots, coding agents, vibe-coded internal tools, AI-written test files, AI-generated migrations. All of that means more code moving through review queues and CI.

That creates pressure in a few obvious places.

Reviewers are stuck with noisy diffs. Some are harmless. Some hide subtle bugs, weak error handling, or insecure defaults.

CI gets slower and messier. Flaky checks, overlapping scanners, duplicate alerts, pipelines that burn 40 minutes before telling you something basic.

Security teams have even less reason to trust manual review as a control point. Nobody is going to carefully inspect every dependency change, secret leak, permission regression, and tainted data flow issue while PR volume keeps climbing.

A validation-focused agent fits that moment. The harder question is whether Gitar can reduce toil instead of adding another layer of automation that developers learn to tune out.

That’s where plenty of tools in this category go sideways.

What the product has to do

Gitar hasn’t published a full architectural breakdown, so some of this has to be inferred from what a credible system in this category needs to handle.

At minimum, it has to plug into source control events from GitHub or GitLab, watch pull_request and push activity, and trigger the right checks without running everything on every change. If it scans an entire monorepo on each commit, teams will get rid of it fast.

The harder part is orchestration. A useful validation agent can’t just behave like another linter that posts comments on a PR. It has to decide what to run, in what order, and what actually blocks a merge. That usually means pulling together several signals:

• static analysis such as SAST, secret scanning, dependency audit, and taint analysis
• dynamic checks such as unit and integration tests, and for web apps possibly DAST in preview environments
• supply chain checks like SBOM generation, provenance validation, and dependency risk
• repository policy checks such as CODEOWNERS, required approvals, and branch protections

If Gitar is serious, findings should normalize into something like SARIF. Nobody wants one more proprietary alert format jammed into the toolchain.

Then there’s the LLM layer, which is where a lot of these products get noisy. Raw diff review from a model is rarely dependable enough. It comments on style when the issue is data flow. It misses breakage outside the patch. It invents project conventions. To work at scale, the model needs tighter context and better grounding.

That usually means diff scoping, symbol indexing, call graph hints, failing test logs, and retrieval over internal docs or past incidents. Enough structure that the model behaves like a review system, not a chatbot pasted into a PR.

The policy layer matters just as much. Teams need to define “safe to ship” in code, not leave it floating around as tribal knowledge. No new secrets. No high-severity vulnerability findings. Coverage can’t drop past a threshold. Owners must sign off on sensitive paths. Those checks should live in versioned policy files, often through OPA and Rego, and they need to be auditable like anything else in the repo.

That part of Gitar’s pitch should get the attention of tech leads and platform engineers. Workflow ownership matters only if it turns a pile of disconnected CI signals into one verdict developers can trust.

Signal quality decides whether this works

There’s no shortage of vendors covering parts of this market.

Sonar, Snyk, DeepSource, Qodana, and CodeRabbit all deal with code quality, security scanning, or review automation. Amazon CodeGuru has been around in this territory for a while. CI platforms keep adding validation features too.

So Gitar doesn’t need to invent a category. It needs to get the signal right.

If the agent blocks merges for low-value reasons, developers will ignore it or work around it. If it misses real regressions, security and platform teams won’t trust it. If it adds 20 minutes to every PR, it becomes the bottleneck it was supposed to remove.

For normal changes, median validation time probably has to stay under 10 minutes, with heavier scans pushed into async paths unless the risk is high. That takes incremental analysis, aggressive caching, and sharded runners on larger repos. Monorepos make it harder. Polyglot stacks do too, especially when a single change can ripple across TypeScript frontends, Go services, Terraform, and CI config.

This is usually where the gap between a nice demo and a durable product shows up. Smart checks on a small repo are easy. Enterprise repos with ugly dependency graphs, flaky tests, and years of security exceptions are where tools either mature or collapse into services work.

Why developers might actually care

Most engineers don’t care about “AI in the SDLC.” They care about fewer dumb interruptions.

A good validation agent can help if it makes the PR experience cleaner. One summarized commit status is better than 14 tools posting contradictory comments. Diff-aware scans are better than punishing the whole repo on every push. Suggested fixes are useful if they stay narrow, reviewable, and auditable.

That last part matters. Auto-fix features sound great until the tool starts changing public interfaces, suppressing warnings to get green checks, or rewriting tests in a way that preserves the bug and satisfies the pipeline. Safe auto-remediation needs hard limits. Dependency patching within known version ranges is one thing. Behavioral changes in production code are another.

There’s also a quieter benefit here. Policy becomes visible. When teams encode review and security expectations in the repo, they rely less on senior engineers remembering every sharp edge. That’s good engineering hygiene whether an LLM is involved or not.

Buyers should still be skeptical of any system that claims to own validation without explaining failure modes. What happens when the model endpoint is down? Does the pipeline fail closed on security-critical gates? Can the system fall back to deterministic checks? How long are prompts and code artifacts retained? Which models touch source code, and where do they run?

Those are production questions, not procurement paperwork.

Governance will matter more than the demo

If Gitar wants bigger customers, it needs a strong governance story.

Code validation agents see sensitive material by design. Source code, secrets, infrastructure config, dependency metadata, test logs, maybe customer-specific context buried in bug traces. Any startup in this space needs clear answers on data handling, private deployment options, redaction, and retention. “Trust us” is not enough.

The same goes for auditability. Security and compliance teams increasingly care about SBOMs, software provenance, and standards like SLSA. A platform that can tie policy checks, scan results, and remediation history into a clean audit trail has a real opening. One that mostly generates AI commentary with weak traceability does not.

That’s part of why this market looks more durable than the current rush around code generation. Enterprises may experiment with code-writing agents at the edge. Merge gates, CI policy, and security review sit much closer to the center of control. That’s where budget tends to go.

A sensible bet, and a hard product to build

Gitar is aiming at the right problem.

Engineering teams don’t need help producing more unchecked code. They need systems that can sort good changes from bad ones quickly, consistently, and with enough transparency that humans still trust the process. Validation agents line up with that need better than another autocomplete pitch.

The catch is that this market gets harder exactly where the story gets more compelling. Orchestration is hard. Low-noise analysis is hard. CI performance is hard. Earning trust from both developers and security teams is harder still.

The $9 million gives Gitar time to build. It won’t buy much patience if the agent turns into one more flaky gate in the pipeline.

For a tool sitting between a PR and production, “pretty good” won’t cut it.