Business, Paid

Nullify

An AI-driven platform that self-trains to detect, triage, and auto-resolve product security vulnerabilities across the -
Rating: 8.4
Price: USD800/month
Key Features: 8

Overview

Summary of publicly available information collected from nullify.ai and docs.nullify.ai. Product positioning: "Nullify: The AI Security Engineer automating your entire product security lifecycle." The site presents Nullify as an AI workforce that behaves like a human security engineer to reduce manual hours and consolidate multiple tools.

Core capabilities highlighted on the homepage and in docs: Triage, Campaigns, Vault, and Assessments.

  • Triage: context-rich scoring of vulnerabilities by exploitability (runtime reachability, network exposure, AWS context) and organization-specific impact using Vault-stored risk models.
  • Campaigns: converts validated issues into remediation drives (select issues from Jira, assign developers, generate merge-ready PRs in GitHub, use CI logs to refine fixes, escalate to meet SLAs).
  • Vault: long-term organizational memory (policies, bounty reports, cloud architecture, repo metadata) used to suppress noise and adapt to risk posture.
  • Assessments: produce reproducible exploit hypotheses by reasoning about code, access control and cloud identity, then test them; only impact-verified findings are reported with proofs-of-exploit.

Integrations and automation described: Jira, GitHub, Slack integrations; CI log analysis; cloud account integrations (AWS context explicitly mentioned); continuous 24/7 operation; automated ownership assignment and Slack escalation.

Documentation (docs.nullify.ai) describes:

  • Onboarding flow: connecting repos and cloud accounts, building a knowledge graph mapping code ownership, teams and tech stack.
  • Continuous assessments and triage: SAST-like code reasoning, dependency CVEs, IaC misconfigurations, secrets scanning, external attack surface discovery, reachability/exploit attempts and validation.
  • Program management: backlog maintenance, threat research, exploit monitoring, team capacity tracking and customer-facing risk prioritization.
  • Automated remediation: production-ready PRs tailored to code patterns, consult CI logs, respond to reviewer comments, escalate/remind to meet SLAs.
  • Learning/adaptation from developer feedback.

Site-provided metrics/claims shown on the homepage: examples include "454 vulnerabilities auto-resolved," "41,757 hours saved," "89% merge-ready rate," and "923 exploit hypotheses generated." These are vendor-provided claims and were noted as needing independent validation.

Pages that were unreachable or returned errors during collection: /pricing (https://www.nullify.ai/pricing) returned a 404; /about (https://www.nullify.ai/about) returned a 404. Search snippets referenced pricing text ("Value-based pricing… USD $800 per dev/year (volume discount available)"), but the pricing page itself was inaccessible and that snippet is unverified and possibly outdated or cached.

Documentation and other links located: docs.nullify.ai (product docs, API reference, install guides), docs API reference at /api-reference, demo/dashboard at https://app.demo.dev.nullify.ai/, and legal at https://www.nullify.ai/legal.

Uncertainties and caveats: Pricing could not be confirmed because the /pricing page returned 404; the USD $800 per developer per year figure comes from a search snippet and is unverified. All homepage metrics/claims are vendor-provided and should be validated via trial, reference customers, or an in-depth demo.

Recommended next steps (as collected from the original summary):

1) Confirm pricing and licensing by contacting sales or requesting a quote/demo and asking for up-to-date pricing tiers, minimums, and enterprise/custom pricing details.
2) Verify product claims by requesting a product demo or trial access to the demo dashboard and asking for customer references or case studies.
3) Explore documentation and API: review docs.nullify.ai for install/integration guides and API endpoints, and request demo app and API docs access for technical evaluation.
4) Confirm data handling and security: request SOC2/ISO/compliance status, data residency details, Vault storage semantics, and what data is transmitted to Nullify.
5) If desired, prepare a one-page vendor summary, pros & cons, and an integration checklist or a draft questionnaire to send to Nullify sales.

Notes on verification: No live pricing page content could be verified at the time of collection. Demo/dashboard and API docs links were found and may allow further verification if access is granted.

Details

Developer: nullify.ai
Launch Year: (no value given)
Free Trial: No
Updated: 2025-12-07

Features

Triage

Context-rich scoring of vulnerabilities by exploitability (runtime reachability, network exposure, AWS context) and organization-specific impact using Vault-stored risk models.

Campaigns

Converts validated issues into remediation drives: select issues from Jira, assign developers, generate merge-ready PRs in GitHub, use CI logs to refine fixes, and escalate to meet SLAs.

Vault

Long-term organizational memory (policies, bounty reports, cloud architecture, repo metadata) used to suppress noise and adapt to risk posture.

Assessments

Produces reproducible exploit hypotheses by reasoning about code, access control and cloud identity, then tests them; only impact-verified findings are reported with proofs-of-exploit.

Integrations & Automation

Integrations with Jira, GitHub, Slack; CI log analysis; cloud account integrations (AWS); automated ownership assignment and Slack escalation; continuous 24/7 operation.

Automated Remediation & Learning

Generates production-ready PRs tailored to code patterns, consults CI logs for fixes, responds to reviewer comments, escalates to meet SLAs, and learns from developer feedback to improve future actions.

Pricing

Reported snippet (unverified): USD800/yr

Search snippet referenced a price of USD $800 per developer per year (volume discounts possible). The site pricing page returned 404 during collection; this figure is unverified and may be outdated or cached.

  • Per-developer annual price referenced in search snippet
  • Volume discounts mentioned in snippet

Contact Sales / Custom: Free

Contact sales for up-to-date pricing tiers, minimums, enterprise/custom pricing, and volume discounts. The live pricing page was inaccessible at the time of collection.

  • Enterprise/custom pricing
  • Volume and seat-based negotiation

Pros & Cons

Pros

  • Automates vulnerability detection, triage, and remediation workflows to reduce manual effort.
  • Integration with common workflows and tools (Jira, GitHub, Slack, CI logs) to produce merge-ready PRs and escalate issues.
  • Continuous 24/7 assessments and exploitation hypotheses with validation before reporting.
  • Vault provides an organizational memory to reduce noise and adapt risk models.
  • Documentation and API references are available (docs.nullify.ai) and a demo dashboard link was found.

Cons

  • Pricing page was inaccessible (404); reported pricing snippet is unverified and may be outdated.
  • Homepage metrics and claims are vendor-provided and require independent validation via trial, references, or demos.
  • Some public site pages (/pricing, /about) returned errors during collection which limits confident conclusions about pricing and company information.

Compare with Alternatives

| Feature | Nullify | Simbian | Bricklayer AI |
|---|---|---|---|
| Pricing | N/A | N/A | N/A |
| Rating | 8.4/10 | 8.4/10 | 8.3/10 |
| Detection Scope | SAST to cloud product-wide coverage | Broad SecOps alerts and context lake coverage | SOC agent workflows across environments |
| Remediation Automation | Yes | Partial | Yes |
| Self Learning | Yes | Partial | Partial |
| CI Integration | Yes | Partial | Partial |
| Triage Explainability | Triage with automated context and resolution steps | Context Lake provides rich provenance and evidence | Agent debriefs with source citations |
| Agent Orchestration | No | Yes | Yes |
| Program Prioritization | Campaigns and program prioritization built-in | GRC automation for enterprise-level prioritization | Templates and procedures enable program-level prioritization |
| Secrets Management | Yes | Partial | Partial |

Audience

  • Security teams: Automate vulnerability triage, continuous assessments, and remediation workflows to reduce manual effort and improve coverage.
  • Engineering teams: Receive merge-ready PRs, automated ownership assignment, and CI-integrated fixes to reduce time spent on remediating security issues.

Tags

AI security engineer, vulnerability management, triage, automated remediation, SAST, CI integration, Jira, GitHub, Slack, vault, assessments, cloud security, AWS