Tom’s use of a tool that scans repos for vulnerabilities and applies fixes suggests a service model for automated code security.
