Theori brings Xint Code to market for large-scale AI code security analysis
Theori has made Xint Code commercially available, an LLM-native static application security testing (SAST) tool capable of analyzing millions of lines of source code, configuration files, and binaries in less than 12 hours.
Xint Code’s approach to deep scanning and contextual analysis of massive codebases helps application security teams identify, reproduce, validate and understand the real-world critical vulnerabilities in applications. It uses LLMs combined with a proprietary orchestration engine to scan and analyze each line of code from a context and business logic perspective. This dramatically reduces false positives and helps defenders quickly prioritize the vulnerabilities that matter.
Attackers are increasingly using AI to surface critical vulnerabilities, and security teams are struggling to stay one step ahead. SAST solutions can find known software vulnerabilities, but they also produce a high rate of false positives and trivial findings.
Human penetration testers can find the more subtle business-context vulnerabilities that attackers often exploit (such as ecommerce carts that accept negative item quantities), but they cannot do so at scale. Generally available AI coding assistants have context and attention window limits that prevent them from scanning entire codebases and prioritizing their results. Xint Code addresses all three problems, offering human-level insight at machine-level speed and scale.
In a new research report, Theori shows how Xint Code was used to identify a severe vulnerability in the popular PostgreSQL open source project (which powers transactional and analytical workloads across SaaS, finance, telecom, and government deployments) that enabled data exfiltration and arbitrary code injection and had gone undetected for over two decades.
The report explains why SAST tools, human pen testers, and even next-gen AI tools missed this vulnerability, and how both attackers and defenders can now scan millions of lines of code in just a few hours to find critical vulnerabilities in massive legacy code bases.
“Critical vulnerabilities often stay hidden because traditional scanners miss business logic flaws and manual reviews can’t scale across hundreds of millions of lines of code,” said Andrew Wesie, CTO at Theori. “But LLMs are changing this. What would take pen testers weeks or months to find — if they know what to look for — Xint Code surfaces in hours. And it doesn’t just flag potential issues; it tells you exactly how an attacker would trigger the exploit and what the impact is.”
Key capabilities of Xint Code include:
- Human-level insight into business logic vulnerabilities – Orchestrates multiple AI models to analyze code with contextual understanding, finding business logic flaws that traditional scanners miss entirely.
- Signals over noise – A multi-stage analysis pipeline verifies the severity and exploitability of every vulnerability before reporting, reducing false positives that drain security teams.
- Trigger and impact narratives – Every finding includes step-by-step reproduction instructions and real-world impact assessment, so teams can prioritize the vulnerabilities that actually matter.
- Zero friction deployment – Upload a repo and start scanning. No formatting, packaging or harness configuration required.