Hunted Labs announced Entercept, an AI-powered source code security platform that gives enterprises instant visibility into suspicious behavior from the people and code in their software supply chain.

Open source code and the people who write it are the unguarded entry point for cybercriminals aiming to inject ransomware, disrupt business, or commit espionage. As the use of open source code skyrockets, development and security teams face mounting pressure to find out who’s behind their code and determine whether they can be trusted. Entercept offers defense teams essential visibility to address these concerns effectively.

“As software becomes the new battlefield, Entercept will be the weapon of choice for those defending digital infrastructure,” said Amanda Aguayo, Co-Founder of Hunted Labs. “We’re not just building another AppSec tool—we’re reshaping the category by making the invisible visible.”

The Growing Need for Open Source Visibility

Entercept’s launch comes on the heels of a threat report published by Hunted Labs that identified foreign influence over easyjson, a Go package designed to optimize JavaScript Object Notation (JSON). Detected with Entercept, easyjson appears to be owned and controlled by Moscow-based software developers working for Russia’s largest internet services conglomerate, VK Group.

The company falls under the control of Russian state-owned entities. In addition, a member of its leadership team is currently under sanctions by the United States and the European Union.

According to Hunted Labs’ proprietary research, more than 60% of the open source code used within enterprise software is written by foreign and unvetted developers, which – as Hunted Labs’ report demonstrates – leaves blind spots in contributor identity, code origin, and threat context.

As restrictions on code from the People’s Republic of China and Russia increase, organizations have to remove potentially dangerous software components from their critical applications, a daunting task that could require them to overhaul existing architecture and assume legacy tech debt.

“Security teams have long struggled to answer basic questions like ‘Who wrote this code?’ or ‘Is this vulnerability exploitable?’” said Hayden Smith, Co-Founder of Hunted Labs. “Entercept empowers teams to visualize, act, and report on those answers in real time—no guesswork; less noise.”

Addressing Supply Chain Blind Spots

There has been a rapid rise in supply chain attacks and regulatory interest in open source provenance in recent years. According to recent data, the number of poisoned packages in open source ecosystems has more than doubled in the past year.

Simultaneously, most enterprises lack tools for assessing contributor identity, location, and ownership—factors that may exacerbate their risk. Entercept was created to equip customers with these capabilities, with features like:

Software contributor attribution engine to reveal the identity of developers behind the code and trace every open source software (OSS) component, even in foreign-controlled packages; uncover anonymous GitHub users; flag suspicious activity patterns; and prioritize risk based on developer behavior and code history.

Threat exploitability and impact analysis to move beyond common vulnerabilities and exposures (CVE) lists and map actual exploitability and system impact. Threat hunters and engineers can make decisions instantly with real-time software bill of materials (SBOMs).

SBOM generation and dependency map for comprehensive visibility into direct and transitive dependencies. Teams can easily meet their highest priority with risk heatmaps and software relationship visualizations.

Search for zero-days, CVEs, compromised packages, and other dangerous code across container images, repositories, and artifacts to spot incidents like easyjson, Log4j, XZ, or Ultralytics in applications and potentially cut response time by hundreds of hours.

Agentless scanning to deploy across cloud and on-prem environments rapidly. Entercept integrates into existing engineering and DevSecOps workflows through either the CLI or a user-friendly platform interface.

Provenance mapping to stay ahead of global software supply chain regulations and best practices (CRA, PCI DSS, NIST SSDF, FedRAMP, CMMC, and CSCRM). Entercept maps code origin, lifecycle, and ownership, giving teams the documentation and traceability they need.

Working Across Public and Private Sectors to Deliver Secure Solutions

Hunted Labs launched from stealth in March 2025 with $3 million in pre-seed funding from Red Cell Partners and a $1.79 million Small Business Innovation Research Direct-to-Phase II contract with the Space Development Agency. Since then, the company has partnered with BrainGu and Parabol to co-develop tailored use cases across government and commercial cybersecurity enterprises.

“Entercept is the first fresh look at supply chain threat intelligence I’ve seen in a long time. As we roll out our SmoothGlue Cloud offering, Hunted Labs is enabling an unparalleled look into our risk exposure so we can deliver even more certainty,” said BrainGu’s CEO, John Spencer-Taylor.

Parabol’s CEO Jordan Husney stated, “As a platform trusted by the Department of Defense and several other self-hosted customers, Parabol can’t afford blind spots in our software supply chain. Piloting Entercept with Hunted Labs gives us real-time visibility into every contributor and every dependency. So we catch threats early, reduce our response times, and deliver ironclad security to every team that relies on us.”