ZAST.AI is a security research lab that develops AI-powered agents for automated vulnerability research. The company's core offering is an AI agent designed to analyze source code logic, identify security vulnerabilities, generate proof-of-concept (POC) exploits, and verify exploitability — all without producing false positives and without requiring manual confirmation. The platform emphasizes three key capabilities it refers to as "Triple ZERO": - ZERO-Day Vulnerability discovery: identifying previously unknown vulnerabilities in software - ZERO False Positives: all reported findings are confirmed vulnerabilities, not noise - ZERO Manual Confirmation: the AI agent independently verifies exploitability without human intervention ZAST.AI publishes its discovered vulnerabilities as CVEs (Common Vulnerabilities and Exposures), having disclosed 152 CVEs to date. Examples of software analyzed include open-source projects such as xuxueli/xxl-job and minio/minio. The company positions itself as contributing to the global software security ecosystem through automated, AI-driven vulnerability disclosure. Its technology targets software codebases broadly, making it relevant to software developers, security researchers, and organizations seeking to identify exploitable weaknesses in their applications. ZAST.AI is backed by Zoo Capital and Hillhouse Capital, both of which are investment firms with strong ties to the Asia-Pacific region, suggesting the company is based in that geographic area.