Key Takeaways:
- Certik launched its AI Auditor, a tool which has achieved an 88.6% hit rate in tests against 35 security incidents.
- Ronghui Gu says the tool shifts the Web3 industry toward high-signal, always-on defense for 2026 workflows.
- Certik will next scale its modular AI architecture across DeFi and high-compliance institutional environments.
Real-World Testing
Certik, a Web3 security platform, said Tuesday, April 7, that it has officially transitioned its artificial intelligence (AI) auditor from an internal powerhouse to a public-facing solution. This launch, bolstered by open-source integrations for AI coding agents, marks a pivotal shift in Certik’s AI-first security roadmap, moving from reactive auditing to proactive, “always-on” defense.
According to a media statement, the system achieved an 88.6% exact hit rate in backtests against 35 major Web3 security incidents this year. The system identified critical vulnerabilities while successfully minimizing the “noise” that often plagues automated tools.
“The question is no longer simply whether AI can find vulnerabilities, but whether it can genuinely help development teams surface the security issues worth addressing, earlier,” said Ronghui Gu, co-founder of Certik. “By filtering out endless false positives, our AI Auditor delivers high-signal, actionable clarity—turning security from a bottleneck into an accelerator.”
The system’s low-noise capability is powered by a layered architecture that begins with the Multiscanner Framework. Unlike single-model tools, this framework runs specialized scanners in parallel to expand detection coverage across various attack vectors. These findings are then processed by a proprietary tool that performs multi-round deduplication and evaluates alerts for semantic validity and exploitability. By suppressing irrelevant data, the system effectively eliminates the alert fatigue that typically slows down development cycles.
This technical precision is supported by a Dynamic Knowledge Base, a system that incorporates a live feed of real-world exploits and emerging attack patterns. Rather than relying solely on static training data, the system applies current threat intelligence at the moment of inference. This allows the AI Auditor to act as a force multiplier for security professionals, handling baseline detection and pre-audit triage so human experts can focus on complex, protocol-level risks.
The launch signals a broader industry shift toward embedding security directly into the developer workflow. Its modular design allows for deep customization across fast-moving decentralized finance projects and high-compliance institutional environments alike.
