Have you been through any sort of audit like SOC 2 or ISO 27001? Can't see any enterprises even engaging in a conversation without something like that.
As a person who works in security in a large enterprise, I'd expect some kind of audit, pentest results, and more available in some type of trust center. And that's before we even send a security questionnaire that digs into your processes and controls.
No, we have not yet been through any of these audits at this point, but I totally agree that we should get them done ASAP before selling to enterprises. Thanks for the feedback!
I see on the landing page a screenshot with "Test for GDPR PII compliance", suggesting that this tool is probably not ready for any serious usage.
Anyone in the regulation landscape would know that GDPR is an EU data protection law, and PII a US concept which doesn't apply in the GDPR. The GDPR uses the concept of ‘personal data’, not ‘personally identifiable information’. This is not just a wording issue. Redacting, masking, or removing information which appears to be ‘personally identifiable’ only constitutes pseudonymisation in the GDPR, which does not offer any meaningful privacy protection.
Thanks for the feedback! We agree that this tool is definitely not ready for serious usage at this stage; it would require heavy tuning and testing before wide adoption.
-> I'd move away from enterprise and try to aim for hobby coders with a micro transactions.
Thanks! That's actually an interesting point. We've been trying to reach out to enterprises and get some early users + feedback from them; we will start reaching out to hobby coders or even vibe coders to try out the product as well.
I believe this was just a joke. I bet only heavily regulated enterprises would be interested in a product like yours, to checkmark their compliance sheet. Regular coders and smaller businesses won’t care.
Thanks for the feedback! We've had a few inbounds from early-stage startups that try to sell to regulated industries, so our assumption here is that small startups might need our tool if they are targeting highly regulated industries (we could be completely wrong though).
Joke or not, it actually made me consider reaching out to vibe coders, but yeah, we are still validating the need.
For the record, this is not a joke. This is a very active need for a lot of vibe coders. They know they need security but they don't know how/what they are missing.
Check out the Supabase or Lovable subreddits: people report that they got stung by mass bot signups etc. every other day.
Sure these are complex apps but they are trying to launch the next big thing.
If you're paying $20 a month for an LLM coding app, what's a $5 fee to get a once-over before launch?
I imagine this will keep the lights on as you try and land the corporate whales.
Also, thanks for flagging the GDPR issue!
Though the "Privacy" link on your homepage doesn't work.
Do you use scanned repositories for training or other purposes?
--> Do you use scanned repositories for training or other purposes?
No, we do not use the scanned repos for training or other purposes.