HoundDog.ai helps developers prevent personal information from leaking

HoundDog.ai, a startup that helps developers ensure their code doesn’t leak personally identifiable information (PII), came out of stealth Wednesday and announced a $3.1 million seed round led by E14, Mozilla Ventures and ex/ante, along with a number of angel investors. Unlike other scanning tools, HoundDog actually looks at the code a developer is writing, using both traditional pattern matching and large language models (LLMs) to find potential issues.

HoundDog was founded by Amjad Afanah, who previously co-founded DCHQ, which was later acquired by Gridstore (which, to complicate matters, then changed its name to HyperGrid) in 2016. Afanah also co-founded apisec.ai, which is still up and running, and worked at self-driving startup Cruise. The inspiration for HoundDog came during his time at data security startup Cyral and talking to privacy teams there, he told me.


“When I was at Cyral, we had lots of knowledge,” he said. “What Cyral does — like many others in the data security space — is that they focus on production systems. They help you discover, classify your structured data and your databases, and then help you apply access controls. But the overwhelming feedback that I kept hearing from security and privacy teams alike was: ‘You know, it’s a bit too reactive and it doesn’t keep up with the changes in the code base.’”

So HoundDog shifts this process even further left. While it still sits in the continuous integration flow and not yet in the development environment (though that may happen in the future), the idea here is to find potential data leaks before the code is merged. And most importantly, HoundDog does so by looking at the actual code, not the data flow it produces. “Our source of truth is the code base,” Afanah said.


Because of this, if a development team starts collecting Social Security numbers, for example, HoundDog would raise a flag and warn the team about that before the code is ever merged; it would also alert the security team. That could potentially be a major — and costly — issue, after all.

The service currently supports code written in Java, C#, JavaScript and TypeScript, as well as SQL, GraphQL and OpenAPI/Swagger queries. Support for Python is imminent, the company says.

Afanah noted that a tool like this is becoming especially important in this age of AI-generated code, something Replit CEO (and HoundDog angel investor) Amjad Masad also echoed.

“As an increasing number of companies turn to AI-generated code to accelerate development, embedding security best practices and ensuring the security of the generated code becomes important,” Masad said. “HoundDog.ai is leading the way in securing PII data early in the development cycle, making it an indispensable part of any AI code generation workflow. That is the reason I chose to invest in this company.”

HoundDog itself does use AI, too, though. It currently relies on OpenAI’s models to do so, but it’s important to stress that this is optional. Users who worry about their code leaving their private repositories can also choose to rely only on the company’s more traditional code scanner.

A major part of HoundDog’s value proposition is that it can cut compliance costs for startups thanks to its automated reporting capabilities. The service can automatically generate a record of processing activities (RoPA). To do this, HoundDog uses generative AI to generate these reports and sends that data to OpenAI. The team does stress that only the tokens the service has discovered through its regular scanner are shared with OpenAI and that the actual source code isn’t shared.

The company offers a limited free plan, with paid plans starting at $200/month for scanning up to two repos.

