Blog
Technical deep-dives on protecting proprietary code from LLM APIs.
Six major AI security incidents in 12 months prove we are in the pre-firewall era of AI security. Just as network firewalls became mandatory in the 1990s, AI firewalls will become mandatory in the 2020s.
Samsung engineers leaked semiconductor source code to ChatGPT three times. Samsung banned ChatGPT. Engineers kept using AI anyway. Here is the lesson.
A critical vulnerability in LiteLLM AI proxy could intercept all AI API traffic. Here is why local-first, open-source AI security beats cloud proxy architectures.
When CISA officials used ChatGPT for sensitive government work, it proved that policy without technical enforcement fails. Here is why AI firewalls are the answer.
A missing noindex tag exposed thousands of private ChatGPT conversations to search engines. Here is what happened and why code mutation would have made the leaked data useless.
The Axios npm package was compromised with a remote access trojan that exfiltrated source files. Here is what happened and why code mutation is your last line of defense.
LayerX Security found that 40% of enterprise files uploaded to ChatGPT contained PII or PCI data. GenAI is now the #1 data exfiltration channel. Here is what happened and how Pretense stops it.
The problem of protecting proprietary code from AI systems does not get solved by better models. It gets worse. Here is why AI code security is a permanent category and what the next three decades look like.
The breaches that defined AI security in 2025: code leaked through Cursor, API keys exposed in Claude sessions, enterprise IP in Copilot context windows. Here is exactly how Pretense prevents each attack vector.
A clear, visual walkthrough of Pretense's request flow, mutation algorithm, and 30-second deployment. After reading this, you know exactly what Pretense does and how to run it.
A synthetic composite showing how a regulated FinTech team deployed Pretense after a CISO stop-work order, protected 2.3M proprietary identifiers, and maintained 94% developer productivity with a full SOC2 audit trail.
Redaction tools remove information from prompts, but they break LLM context and output quality. Here's why mutation (replacing identifiers with semantically equivalent synthetics. That is the right approach.
Nightfall is the incumbent in AI data loss prevention. We did a detailed technical and cost comparison. Here is how Pretense stacks up on every dimension that matters to enterprise security teams.
Claude Code is transforming how engineers write code. But every prompt you send contains proprietary identifiers. This guide shows exactly how to route Claude Code through Pretense in under 5 minutes.
The mutation algorithm being documented is a feature, not a bug. If the algorithm is public knowledge, security does not depend on keeping it secret. It depends on keeping your mutation keys private. Like SSL: the protocol is public, your certificate is private.
SOC2 CC6.7 and CC7.2 now effectively require demonstrating control over AI tool usage. Here is a practical guide with ready-to-use control documentation, the four artifacts your auditor wants, and a template control statement you can use today.
Most developers do not think about what they are sending to AI tools. This is a practical primer on what leaves your machine, where it goes, what is actually at risk, and three rules every developer should follow before using AI on production code.
Most companies prohibit sending proprietary code to external APIs. It is in the employee handbook you did not read. Here is how to use AI tools anyway, pragmatically and safely.
Pretense started as a solution to our own problem. We were using Claude to build Pretense, and realized we were sending proprietary code to Anthropic. Here is the full story.
Most security tools are black boxes. Pretense's mutation engine is fully documented and auditable. Here is why that decision makes Pretense more trustworthy, not less.
Opinionated predictions on where AI security is heading: audit trails, breach incidents, data residency law, mutation replacing redaction, and the CISO evolving from gatekeeper to architect.
From a single CLI package to a 17-package monorepo with VS Code extension, GitHub Action, MCP server, and dashboard. Here is what changed and what we learned.
Code mutation replaces proprietary identifiers with semantically equivalent synthetics before sending to LLM APIs. Unlike redaction, it preserves context so the AI still produces useful output. Here is how it works and why it is the right architectural choice.
GitHub Copilot sends your code to Microsoft servers. For most teams that is acceptable. For teams with proprietary algorithms, client contracts, or regulated data, it requires a protection layer. Here is a practical guide to using Copilot safely.
AI coding tools are now standard developer infrastructure. For CISOs, that creates a new attack surface: every code completion, every prompt, every context window is a potential data exfiltration channel. This guide covers the threat model, control framework, and enforcement mechanisms.
SOC2 Type II auditors are increasingly asking about AI tool usage controls. CC6.7 requires demonstrating that third-party data access is controlled. If your team uses Copilot, Cursor, or Claude, you need a documented control. Here is what to build.
Cloud DLP tools scan your data after it reaches their servers. For AI coding tools, that is too late: the data left your network the moment the developer hit autocomplete. Local-first security stops exfiltration before transit, not after.
Manual code review catches some secrets and proprietary identifiers before AI prompts are sent. But it catches roughly 40% of them, introduces 2-3 day delays, and does not scale with team growth. Here is a detailed comparison.
Financial services firms face stricter data handling requirements than most industries. Sending proprietary trading algorithms or client-identifying code to AI APIs creates real regulatory exposure. Here is how regulated FinServ teams are solving this without blocking developer productivity.
HIPAA does not prohibit using AI coding tools. It prohibits sending protected health information to unauthorized parties. If your codebase references patient data structures, claim identifiers, or PHI schemas, standard AI tools create real compliance exposure. Here is how to close the gap.
A practical security policy template for CISOs managing AI coding tool adoption. Covers the four questions every policy must answer, tool approval process, data classification requirements, audit evidence, and Pretense as the enforcement layer.
A detailed comparison of Claude Code and GitHub Copilot data handling, IP exposure risks, training opt-out defaults, and enterprise contract protections. Mutation resolves the core risk for both tools.
The expected cost of IP exposure from AI coding tools: $250K per incident, scaled by probability. A full ROI model showing Pretense pays for itself via audit time savings before counting any incident it prevents.
How AI coding assistants create PHI exposure risk through code structure and identifier names, not just data values. Mutation as a HIPAA technical safeguard, and how the Pretense audit log satisfies HIPAA documentation requirements.
The specific SOC2 Type II questions auditors ask about AI coding tool usage in 2026, the full evidence package they expect, and how the Pretense audit log satisfies each criterion including CC6.7 and CC7.2.
The five most common ways AI coding tools leak proprietary code: function names revealing business logic, variable names exposing architecture, comments as training data, secrets inferred from context, and refactoring requests exposing complete internal APIs. With real examples and prevention for each.
Why redaction degrades LLM output quality to 58.5% of baseline while mutation preserves 92.5%. A technical comparison of NER-based DLP, regex redaction, and deterministic mutation, with benchmark data and the round-trip problem explained.
Step-by-step guide to routing Claude Code through the Pretense proxy. Covers what Claude Code actually transmits to Anthropic, installation, the ANTHROPIC_BASE_URL configuration, verifying protection via the audit log, and team-wide rollout options.
Honest review of Gitleaks, Semgrep, Trivy, detect-secrets, truffleHog, and Pretense. What each tool does, install time, false positive rate, and what it misses. Pretense is complementary to all of them: they scan static code, Pretense protects at the AI API boundary.
How security leaders should evaluate and roll out AI coding tools without creating IP exposure risks. Covers the policy gap (67% of enterprises have no AI coding policy), risk matrix by tool, a 5-question approval checklist, what to log, and incident response when code does leak.
The technical story behind the Pretense Rust scanner rewrite. TypeScript was taking 50ms per scan, blocking the proxy hot path. Rust with Rayon and NAPI bindings brought it to 1.82ms. Includes benchmark methodology, the djb2+SHA-256 mutation algorithm, and lessons learned.
One email per week. Technical depth. No marketing fluff.