OpenAI shipping Codex Security, Anthropic's Claude finding 22 CVEs in Firefox in two weeks, and Microsoft treating AI agents as governed security principals all point to the same inflection: the industry is racing to close the security gap that AI coding tools opened. With research showing only 10% of AI-generated code is both functional and secure, the companies that created the problem are now building the remediation layer — and the ones who move fastest will own the trust infrastructure for the agent era.