We’re at a pivotal moment in the history of cybersecurity—one where the lines between code, contributor, and country are blurring. As nation-state actors, supply chain attackers, and other cybercriminals grow more sophisticated, it’s no longer enough to know what’s in your software. You need to know who is in your software.
That’s why we built Entercept™, an AI-powered application security platform designed to expose the invisible risks in your open source software. After months of stealth development, we’re proud to announce that Entercept is officially live and already in use across both federal agencies and Fortune 100 companies.
Why We Built Entercept™
Modern software is assembled from thousands of open source components—many of them written by anonymous developers from around the world. That’s not inherently bad. But it becomes a security liability when you don’t know where your code came from, who maintains it, or whether it’s vulnerable, abandoned, or compromised.
According to our internal research, over 60% of open source code in U.S. enterprise applications is written overseas, often without any verified contributor identity. As U.S. organizations are forced to rip out code linked to adversarial nations like China and Russia, many are realizing they lack even the most basic tools for open source attribution and threat prioritization.
Entercept was created to solve that.
What Makes Entercept Different
Application Security tools tend to offer narrow insight into technical risk, but don’t offer Entercept’s combination of contributor intelligence, threat exploitability scoring, and behavioral insights—features that turn static dependency data into real-time, actionable signals.
Here’s what Entercept delivers out of the box:
- Software Component Ownership to unmask GitHub contributors. Trace the ownership of every OSS component, even in foreign-controlled packages. Flag anonymous maintainers and suspicious behaviors across the stack.
- Threat Exploitability and Impact Analysis to go beyond CVE lists. Understand what’s exploitable in your environment and what it could break—with real-time SBOM overlays and dynamic risk scoring.
- SBOM Generation + Management to visualize your stack like never before. See your software’s full risk graph with heatmaps and relationship diagrams that help you prioritize fast.
- Instant Cross-Application Risk Search Hunt emerging threats across repos, containers, and artifacts—before they turn into full-blown incidents.
- Agentless Scanning + One-Click Workflow Integrations Whether you’re deploying to the cloud or on-prem, Entercept fits into your engineering workflow with CLI tools and a sleek platform UI.
- Provenance Mapping + Regulatory Alignment to stay ahead of mandates like the Cyber Resilience Act, PCI DSS, NIST SSDF, FedRAMP, and CSCRM with built-in documentation and traceability.
Entercept in Action
Watch Entercept in action in this welcome video from our PM/CEO/ETC.
From the Battlefield to the Boardroom
“As software becomes the new battlefield, Entercept will be the weapon of choice for those defending digital infrastructure,” Our co-founder, Amanda Aguayo states. “We’re not just building another AppSec tool—we’re reshaping the category by making the invisible visible.”
That vision has already attracted forward-thinking partners like BrainGu and Parabol to pilot Entercept across real-world commercial and government environments. The early results are validating what we knew all along: the future of software security isn’t just about scanning code. It’s about understanding the people behind it.
What’s Next
This is just the beginning for Hunted Labs. With funding from Red Cell Partners and a $1.79M SBIR contract with the Space Development Agency, we are committed to pushing the boundaries of what open source security can look like.
Learn how Entercept can help expose threats in your applications. Request a demo and learn how, together, we can build software we can trust and Protect the Hunted.
