Detecting sensitive data shared with OpenAI

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Appsec Compliance Devsecops devsecops-tools Security

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    • Hi HN,

    I'm Guillaume, the founder of Bearer, an Open Source code security scanning tool. Despite the buzz around generative AI (which, as a reader of HN, you've likely encountered), we've also heard concerns from security teams.

    When using OpenAI’s developer APIs (and other LLMs), considering how Generative AI model works, essentially the more you give, the better you receive, we essentially open the door to “overshare” information. For example, If you are building an AI assistant into your travel booking app, sending sensitive data as customer information becomes highly probable. Though, as with any shared data, this does present important security and privacy risks that we can’t overlook, hence the fear of security teams.

    To address these risks, we must have explicit policies and a culture of privacy and security within the organization. We should treat generative AI models like any other third-party dependency, assessing them for vulnerabilities and safeguarding customer data. Of course, having appropriate tooling also helps.

    That's why we've added a new set of rules to Bearer CLI, our open-source static analyzer, that explicitly checks for OpenAI usage. Combined with our sensitive data detection capability, this feature can alert you and your team if your code is sending sensitive data it shouldn't be.

    You can find a link to Bearer CLI and the specific OpenAI ruleset in the following URLs:

    Bearer CLI: https://github.com/bearer/bearer

  • bearer-rules

    Rules for Bearer SAST

    • Let me know if there is anything you would like to improve.

    Link to the Rule https://github.com/bearer/bearer-rules/blob/main/javascript/...

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python

    1 project | news.ycombinator.com | 26 Oct 2023

  • How to scan your ruby or JS project for security improvements, for free.

    2 projects | dev.to | 27 Mar 2023

  • Open-source Static Code Analysis tool with sensitive-data prioritization

    1 project | /r/netsec | 7 Mar 2023

  • New Open Source SAST focused on sensitive data

    1 project | /r/SAST | 7 Mar 2023

  • Bearer, Open Source SAST focused on sensitive data

    1 project | /r/devsecops | 7 Mar 2023