Developers can finally own security

Arcjet's founder argues that AI coding agents can now close the long-standing gap between developers and security teams. With tools like Cursor or Claude Code plus the Arcjet plugin and MCP server, agents can identify which routes need protection, apply the right SDK rules in dry-run mode, analyze live traffic, and open pull requests promoting rules to production — all within the normal developer workflow. This shifts routine security work (rate limiting, bot detection, prompt injection checks) into the same pull request as the feature code, leaving security engineers free for higher-leverage tasks like threat modeling and incident response.