Detecting sensitive data shared with OpenAI

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
hardware-buttons linkedin-bot template-engine-js

InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  1. bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    Hi HN,

    I'm Guillaume, the founder of Bearer, an Open Source code security scanning tool. Despite the buzz around generative AI (which, as a reader of HN, you've likely encountered), we've also heard concerns from security teams.

    When using OpenAI’s developer APIs (and other LLMs), considering how Generative AI model works, essentially the more you give, the better you receive, we essentially open the door to “overshare” information. For example, If you are building an AI assistant into your travel booking app, sending sensitive data as customer information becomes highly probable. Though, as with any shared data, this does present important security and privacy risks that we can’t overlook, hence the fear of security teams.

    To address these risks, we must have explicit policies and a culture of privacy and security within the organization. We should treat generative AI models like any other third-party dependency, assessing them for vulnerabilities and safeguarding customer data. Of course, having appropriate tooling also helps.

    That's why we've added a new set of rules to Bearer CLI, our open-source static analyzer, that explicitly checks for OpenAI usage. Combined with our sensitive data detection capability, this feature can alert you and your team if your code is sending sensitive data it shouldn't be.

    You can find a link to Bearer CLI and the specific OpenAI ruleset in the following URLs:

    Bearer CLI: https://github.com/bearer/bearer

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo

  3. bearer-rules

    Rules for Bearer SAST

    Let me know if there is anything you would like to improve.

    Link to the Rule https://github.com/bearer/bearer-rules/blob/main/javascript/...

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • 🛡️ Scan and Protect Any App in 5 Minutes with Bearer CLI (SAST for Everyone)

    2 projects | dev.to | 20 Apr 2025

  • Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python

    1 project | news.ycombinator.com | 26 Oct 2023

  • How to scan your ruby or JS project for security improvements, for free.

    2 projects | dev.to | 27 Mar 2023

  • Open-source Static Code Analysis tool with sensitive-data prioritization

    1 project | /r/netsec | 7 Mar 2023

  • New Open Source SAST focused on sensitive data

    1 project | /r/SAST | 7 Mar 2023

Did you know that C is
the 6th most popular programming language
based on number of references?

Loading...