Key points to remember:
- Certik launched its AI Auditor, a tool that achieved an 88.6% success rate when tested on 35 security incidents.
- Ronghui Gu says the tool moves the Web3 industry toward permanent, high-signal defense for 2026 workflows.
- Certik will then extend its modular AI architecture across DeFi and highly compliant institutional environments.
Real-world testing
Certik, a Web3 security platform, announced Tuesday (April 7) that it has officially moved its artificial intelligence (AI) auditor from an internal central to a public-facing solution. This launch, supported by open source integrations for AI coding agents, marks a crucial shift in Certik’s AI-driven security roadmap, moving from reactive auditing to proactive, “always on” defense.
According to a media release, the system achieved an exact success rate of 88.6% in backtesting against 35 major Web3 security incidents this year. The system identified critical vulnerabilities while successfully minimizing the “noise” that often affects automated tools.
“The question is no longer simply whether AI can detect vulnerabilities, but whether it can truly help development teams surface security issues worth solving earlier,” said Ronghui Gu, co-founder of Certik. “By filtering out endless false positives, our AI auditor provides a clear, actionable signal, transforming security from a bottleneck into an accelerator. »
The system’s low-noise capability is powered by a layered architecture that starts with the Multiscanner framework. Unlike single-model tools, this framework runs specialized scanners in parallel to expand detection coverage across various attack vectors. These results are then processed by a proprietary tool that performs multi-round deduplication and evaluates the alerts for semantic validity and usability. By removing irrelevant data, the system effectively eliminates alert fatigue that typically slows down development cycles.
This technical precision is supported by a dynamic knowledge base, a system that incorporates a live feed of real-world exploits and emerging attack patterns. Rather than relying solely on static training data, the system applies current threat intelligence at the time of inference. This allows the AI auditor to act as a force multiplier for security professionals, handling basic detection and pre-audit triage so that human experts can focus on complex protocol-level risks.
This launch marks a broader industry shift toward integrating security directly into developers’ workflow. Its modular design enables deep customization for fast-moving decentralized financial projects and highly compliant institutional environments.
