Table of contents

Independence is the moat

Independence is the moat - Featured image Independence Is the Moat

Why the independent layer keeps winning as the models get better, not despite them.

This series has been building to one question, and it is the objection every honest reader has been holding since the first piece. If the frontier models keep getting better this fast, why does an independent security layer keep winning? Why not wait for the model that writes safe code and verifies its own work? The trust argument, the cost argument, and the real intrusion all pointed the same direction, but they left the hardest question for last. Not why independence matters today, but why it keeps mattering as the models improve.

The answer is that independence is not a gap the models are closing. It is a property they structurally cannot have. And the specific advantages that make it real, the data, the breadth, the neutrality, all compound as generation accelerates. The faster the models get, the wider the lead grows.

Quality yields to a better model. Trust does not.

Start with the distinction that everything rests on. A quality problem yields to a better process or a better model. If the code the model writes is buggy, a more capable model writes less buggy code, and the problem shrinks with every release. That is real, and it is why the models are so impressive.

A trust problem does not work that way. You can improve the writer forever and the blind spot rides along, because the thing you are trying to verify is the output of the same reasoning that produced it. A model asked to check its own work grades the story it told itself.

This is why “wait for the better model” is the wrong bet. Every generation makes the writer better, and every generation leaves the trust problem exactly where it was, because the trust problem was never about capability. It was about position. The auditor cannot be the author, no matter how good the author gets.

Independence has a history longer than AI

There is a temptation to treat this as a new, AI-specific insight. It is the opposite. Independence is the oldest rule in serious engineering. Safety-critical fields, medical devices, avionics, automotive, have kept the validator structurally separate from the builder for decades, because an unverified line could cost a life. The independence of the check from the thing being checked is not a preference in those fields. It is a requirement, written into how they are regulated.

What AI did was collapse the review budget until that discipline had to leave the regulated corner and go everywhere. When a human wrote every line, review was expensive but the volume was human-scaled. When a model writes the code, the volume explodes and the old review model breaks, and suddenly every organization shipping software faces the problem that only safety-critical fields used to. The rule did not change. The blast radius did.

And trust in that world was never binary. It is graded assurance tied to evidence: not “is this safe, yes or no,” but “how much confidence do we have, backed by what proof.” That reframing matters, because it points directly at what an independent layer actually accumulates.

The moat, in order of strength

If independence is the position, the moat is what makes that position defensible. Three advantages, each of which the labs are not building, and each of which grows as AI generation accelerates.

The data. Mend.io has scanned across thousands of enterprise codebases, continuously, for fifteen years. The frontier models read code at enormous scale, far more than we ever will, but reading code is not the same as knowing what happened to it. The models see public snapshots. They do not see your private enterprise estate, and they do not carry the outcome labels that make security data useful: which finding was actually reachable, which was noise, which fix held and which regressed. Fifteen years of that, tracked across the same estates over time, is a record of how real code fails and gets repaired, not a crawl of how code looks. That is the evidence that turns trust from a claim into graded assurance, and it is the one asset that compounds every day the platform runs.

The breadth. The risk that matters is not only last week’s AI-written commit. It is the whole estate: years of accumulated architecture, transitive dependencies buried layers deep, legacy services no model wrote and no team still owns. Mend.io covers that surface, SCA across open source and its transitive graph, SAST on proprietary code, reachability to tell what is actually exploitable rather than merely present, containers, the dependency layer through Mend Renovate. A frontier model pointed at a repository sees the repository. The independent layer sees the estate, including the parts written long before any model touched them.

The neutrality. Mend.io is code-generator agnostic, providing unbiased security regardless of how the code was created. Cursor, Copilot, Claude Code, Codex, or a human typing in 2015, the verification is the same because it judges the artifact, not the author. This is the position no lab can hold, and not because they lack the engineering. No AI platform will position itself as the independent auditor of its rivals’ output, and none can credibly audit its own. Neutrality is structurally unavailable to the companies building the generators. It is only available to a layer that builds none of them.

Detection was the old game. Remediation is the moat.

Here is where the independent layer stops being a principle and becomes the product, the promise the last piece left open.

Detection is commoditizing. The frontier models made finding vulnerabilities cheap and loud, and every scanner on the market can produce a long list of findings. A list of findings is not security. It is a to-do pile, and in the agentic era it is a to-do pile that grows faster than any team can work it.

The value has moved to what happens after the finding: triage that separates the reachable and exploitable from the noise, prioritization against real risk, and remediation that turns a confirmed weakness into a shipped fix at the speed the attacker can turn it into an exploit. Mend.io’s remediation runs on the data moat. Because the platform has watched how this class of vulnerability got fixed across thousands of codebases, its remediation is grounded in outcomes that worked, not in a model’s guess. Mend Renovate closes the dependency surface at community scale, automated updates across more than a billion downloads of signal. AI-based remediation workflows close the rest, with the human on the calls that need judgment and the machine on the volume that would otherwise bury them.

And remediation is where independence pays off twice. A model that remediates its own output is back to grading its own story, the same trap the whole series has traced. Independent remediation, grounded in evidence from the estate rather than in the reasoning that wrote the code, is the version that a CISO can actually trust and a regulator can actually accept.

Why the lead widens

Put the three advantages next to the one force reshaping the industry, and the conclusion is uncomfortable for anyone betting on the models to close the gap.

More AI-generated code means more findings. More findings run through the platform means more remediation outcomes. More outcomes means a richer record of what breaks and what fixes, which makes the verification and the remediation sharper, which makes the data moat deeper. The exact thing that makes the trust problem worse for everyone else, the acceleration of generation, makes the independent layer stronger. The flywheel turns the right direction, and it turns faster as the models improve.

That is the asymmetry that matters, and it is not an asymmetry with other security vendors. It is with the labs. A lab can ship a better model every quarter, and it changes nothing about the position: the company that builds the generator cannot be the neutral party that audits it, cannot see the private estate it was never given, and cannot escape grading its own output. Those are not gaps a release closes. They are structural, and they apply to every frontier lab no matter how capable the model gets. Independent application security is the only place that neutrality can live, because it is the only place that builds none of the generators.

The bottom line

The models will keep getting better. That is the safe prediction, and it is exactly why independence is the safe bet. Better models write more code, faster, which makes verification and remediation more valuable, not less. They make the writer stronger and leave the auditor’s job untouched, because the auditor’s job was never a capability problem.

Security in the agentic era comes down to a position, not a model. The layer that verifies and remediates has to sit outside what wrote the code, cover the whole estate, stay neutral across every generator, and compound its evidence over time. That is not a roadmap. It is what independent application security already is, and it is the one thing the frontier models, for all their speed, are structurally unable to become.

That is the moat. It always was. The models just made it impossible to ignore.

Increase visibility and control over the AI components in your applications

Mend AI

Recent resources

Independence is the moat - Featured image AI Governance Platforms for Enterprises 1000x650

Best AI Governance Platforms for Enterprises: Top 6 in 2026

The top 6 AI governance platforms for enterprises in 2026, compared.

Read more
Independence is the moat - Featured image AI Governance Implementation Strategies

9-Step AI Governance Implementation Strategy and the Solutions to Know

9 AI governance implementation strategies, plus 14 tools to know.

Read more
Independence is the moat - Featured image Evaluating AI Security Posture Management Tools 1000x650

Evaluating AI Security Posture Management Tools: 7 Key Criteria

Compare 7 criteria and the top AI-SPM tools.

Read more