The IT Nerd

Detectify has announced the launch of the Detectify MCP (Model Context Protocol) Server, a new integration layer that brings Detectify’s security testing engines directly into AI-driven development workflows, helping coding agents find and validate exploitable vulnerabilities and interpret attack surface data with unprecedented precision.

As organizations increasingly rely on AI agents to write, refactor, and modernize code, software production is accelerating faster than many security teams can realistically review or govern. Whether through official engineering initiatives or shadow AI adoption by developers eager to speed up work, AI-assisted development can help eliminate some common coding mistakes. It is also dramatically increasing the volume of software, services, APIs, and infrastructure organizations must continuously track and secure. The result is a growing visibility and governance challenge, compounded by shadow IT and shadow AI adoption, where organizations may write cleaner code while simultaneously losing track of what they are deploying and exposing.

The Detectify MCP Server is designed to close that gap by giving AI agents a standardized way to augment development and security workflows with AI-assisted access to Detectify findings and capabilities, allowing them to access and act on real-time security findings as part of autonomous development workflows. Rather than relying on periodic reviews or delayed security handoffs, organizations can embed continuous validation more directly into the software delivery process as code, infrastructure, and services evolve.

Key MCP Server capabilities include:

• “Find & Fix” Automation: Instead of security findings landing in a static backlog, they can now be handed directly to AI agents as structured remediation tasks. Agents can generate a patch, trigger a Detectify validation scan to confirm the vulnerability is resolved, and present a verified fix for human review.
• Conversational Command: Query scan results, monitor asset status, and surface high-severity findings through natural-language interactions connected to the Detectify MCP Server.
• Frictionless Setup: A lightweight configuration allows organizations to connect their preferred AI tools to the remotely hosted Detectify MCP server for simplified deployment and connectivity.

Traditional application security workflows were built around slower development cycles, where human review and periodic testing could reasonably keep pace with software delivery. In modern AI-assisted environments, those assumptions are increasingly breaking down as code, infrastructure, and services evolve continuously.

The launch reflects a broader shift in AppSec toward continuous, real-time security validation. While LLMs excel at reasoning, frontier models operate at a speed and cost-profile that makes large-scale security testing impossible. Detectify solves this by monitoring millions of changing domains using compiled, deterministic code, while the MCP Server combines that scale with agentic workflows to help security operate at the same velocity as engineering.

As AI-assisted development continues to accelerate engineering velocity, organizations face increasing pressure to move beyond one-time security reviews and maintain continuous visibility into what exists across their attack surface.

The Detectify MCP Server will be available soon as part of Detectify’s continued investment in AI-native application security. For more information, visit Detectify.com.

Following up on the recent news of Russia linked threat actors targeting Signal, WhatsApp and Telegram Fredrik Almroth, co-founder and Security Researcher at appsec security firm Detectify serves up some perspective on how messaging apps and personal devices are becoming an increasingly important part of the real attack surface.

“The broader lesson is that organizations should stop treating secure messaging as a silver bullet. Strong encryption matters, but it does not protect you if the endpoint is compromised or the account itself is hijacked. What makes this trend so concerning is that it blurs the line between consumer technology and resilience infrastructure. Messaging apps, smartphones, and linked devices are now woven into how governments, companies, and critical sectors actually function – often adopted at a velocity that traditional security struggles to match.

Modern defense is no longer just about protecting official systems, but about protecting the communications reality people actually operate in. The attack point is often not the ‘secure bunker,’ but the phone in someone’s pocket. From an attacker’s perspective, these channels are attractive precisely because they are trusted, ubiquitous, and often far less visible to defenders than formal enterprise systems. If hostile actors can reach decision-makers, staff, or even suppliers through trusted channels, they can bypass a surprising amount of traditional security.

Often, they do not need to break encryption at all. They just need to compromise the device, hijack the account, abuse a linked-device workflow, or trick the user at the right moment. This is why the communications layer around sensitive institutions is now part of the real attack surface.

In practice, that means paying far more attention to mobile-device hygiene for executives and other high-risk personnel. You don’t just need to secure the network, but also improve the communications habits around your it. Smart attackers will always go for the points of least resistance.You can spend millions hardening formal systems, but if your most sensitive conversations are happening on poorly governed devices and trusted consumer apps, that’s where they’ll go.”