$
Pricing

Start free with both products. Scale when you are ready.

Two products, one simple model: the Privacy Code Scanner and the Dataflow Context Engine are free to start, with Enterprise tiers for continuous, org-wide coverage.

Privacy Code Scanner

Privacy code scanning for privacy and engineering teams

Catch sensitive data leaks and risky data flows directly in source code, then scale to continuous coverage, automated privacy reporting, and an org-wide RoPA workflow.

Free
$0free forever

A point-in-time privacy code scanner developers run locally to understand risky data flows before they ship. Get a GDPR sensitive datamap with data flow visualizations, traces, and code-level evidence directly from your source code. The scanner also detects Shadow AI usage and third-party integrations embedded in your codebase, with results generated as a local Markdown report. View a sample report.

Deployment
  • CLI access for on-demand scans
  • IDE plugins for VS Code, Cursor, and IntelliJ
Detection
  • Sensitive data leak detection across all supported languages
  • Shadow AI and third-party integration discovery
Reporting
  • GDPR sensitive datamap with data flow visualizations and traces
  • Local Markdown report with code-level evidence
For privacy teams
Enterprise
$200per developer / year
Only developers contributing to the scanned code repositories are counted.

Built for privacy and engineering teams that need continuous coverage across their entire codebases, with org-wide visibility into data flows, data elements processed, and subprocessors across every application.

Everything in Free, plus:
Platform: Your Cloud or Ours
CloudFully managed SaaS platform
On-PremisesRuns entirely inside your network
Both SOC-2 compliant, with SSO, RBAC, and audit logs
  • Network broker for self-hosted integrations
Deployment
  • Direct source code integrations with GitHub, Bitbucket, and GitLab, with automated CI configuration rolled out in minutes, not weeks
Customization
  • Custom rules and allowlists for org-specific data elements and data sinks
AI-Powered Analysis Optional
  • Embeds AI analysis across static findings: auto-closing false positives, adjusting severities, and adding deep context. Scanning still runs in your own environment on cheap CPU, fast and deterministic; AI only interprets the data flow traces the scanner has already detected.
Reporting
Governance
  • Org-wide RoPA workflow: DPOs send review requests, approve changes, track historical updates, publish RoPAs, and receive auto-suggested edits when the scanner detects new data flows or AI and third-party subprocessors
Alerting
  • Proactive alerting via Slack and email
  • Issue tracking integration with Jira and Linear
Compliance
  • Framework support for GDPR, CCPA, ISO 29100, NIST 800-53, and HIPAA
Support
  • Priority support with SLA via email and a dedicated private Slack channel
Dataflow Context Engine

API and dataflow context for AI coding agents

Give your AI agents a continuously updated graph of APIs and cross-service relationships, from a free local scanner to centralized, org-wide context.

Local Scanner
Free

Run it on your machine and plug it into any AI agent.

What you get
  • Scans whatever code is available on your machine
  • Provides local API graphs for documentation
  • Works with any MCP-compatible AI agent
  • Available as MCP Servers and Skills
  • Supports gRPC first (GraphQL and REST coming soon)
Cloud or On-Prem
Enterprise
Customcontact us for pricing

Centralized context for the entire organization, continuously updated across all code repos and cross-service relationships.

Platform: Your Cloud or Ours
CloudFully managed SaaS platform
On-PremisesRuns entirely inside your network
Both SOC-2 compliant, with SSO, RBAC, and audit logs
Coverage
  • Direct source code integrations with GitHub, Bitbucket, and GitLab, with automated CI configuration rolled out in minutes, not weeks
  • Auto-scans selected repos with no local checkout needed, providing centralized context across all code repos and cross-service relationships
  • Runs scans in CI and on every pull request
  • Keeps API graphs continuously updated org-wide
FAQ

Frequently asked questions

The Free tier supports Python, JavaScript, and TypeScript. The Enterprise tier adds C#, Go, Java, SQL, GraphQL, and OpenAPI. The Features table in our GitHub README always reflects the current list.

Enterprise pricing counts the developers who contribute to the code repositories being scanned. Developers who do not contribute to those repositories are not counted.

No. Scans run in your environment, and your code never leaves it. On the Enterprise tier, only scan findings and data flow insights are aggregated in the cloud platform, and an on-premises deployment is available if everything needs to stay inside your network.

Under the hood, the scanning engine is built in Rust, fully rule-based, and deterministic. The rule specification is expressive enough to model real-world code at compiler-level accuracy, while AI is used selectively to scale coverage across thousands of code patterns. This gives you the depth of LLM-based analysis without the cost, latency, or unpredictability. Code never leaves your environment, scans complete in seconds even across codebases with millions of lines, and the lightweight footprint means privacy scanning fits into CI pipelines without slowing anyone down.

LLMs can discover issues that traditional SAST tools miss, but they are slow, expensive, and non-deterministic. SAST tools are faster, cheaper, and predictable, but require high-effort rule maintenance and suffer from high false positive rates. HoundDog.ai combines the strengths of both approaches: a fully rule-based, deterministic engine, with AI used selectively to scale coverage without sacrificing performance, reliability, or trust.

Secrets scanning tools look for credentials hardcoded directly in code, such as API keys, passwords, or tokens. HoundDog.ai focuses on how sensitive data actually flows through code, tracking values across assignment statements and transformations to catch leaks into logs, files, third-party SDKs, and AI integrations.

DIY SAST tools like Semgrep and CodeQL are powerful and highly customizable, but their rules require significant upfront investment to learn and maintain. HoundDog.ai is a turnkey solution with broad, high-quality coverage of data elements and sinks out of the box. It is designed specifically for dataflow analysis, scales efficiently to large codebases, and detects complex data flows that general-purpose tools miss.

No. The scanner is free to use and distributed through GitHub, but it is not open source software. License details are available in our Terms of Service.

The Dataflow Context Engine gives AI coding agents continuously updated API and dataflow context across your repositories. The local scanner is free: run it on your machine and plug it into any MCP-compatible AI agent, with gRPC supported first and GraphQL and REST coming soon. The Enterprise tier integrates directly with GitHub, Bitbucket, and GitLab, auto-scans selected repos with no local checkout, runs in CI and on every pull request, and keeps API graphs continuously updated org-wide. Contact us for Enterprise pricing.

Any MCP-compatible AI agent can consume the context it produces. The engine is available as MCP Servers and Skills, exposing continuously updated API graphs that plug directly into your agent of choice.

Visit our Trust Center to view our latest SOC 2 report, penetration testing results, and SBOM details.

Try both products free, or see them live on your stack.

Run a privacy scan in seconds, plug API context into your AI agents, and talk to us when you are ready for org-wide coverage.