.png)
5 hours ago
2
# TL;DR We built VeilStream, a drop-in, read-only PostgreSQL proxy that strips or masks sensitive values as queries stream through. In less than two minutes, you can put a proxy in front of a PostgreSQL database, whether hosted on your laptop, Neon, Supabase, or a cloud provider, and start filtering data.
The use cases we're trying to solve are: - Production-like data in development environments - Handle incidents faster, without looking at the data - share a subset of your data - protecting data being shipped into a data lake - safe data to expose in internal tooling, metrics, or BI dashboards
# How it fits in your stack - Role based policies: define masking rules in our web dashboard - The proxy picks up the configuration and starts applying rules automatically.
## You host it - it's a docker container, two environment variables: an api key, and the database URI connection
## We host it - Drop-in proxy: no code changes. Point your connection string at a new endpoint, that's it.
# How it works (and how fast it is) Restructuring the query AST based on the config. AST rewrites depend on the text/structure of the query, not on how many rows the database eventually returns, so they are effectively O(1) with respect to result size.
# Status & feedback wanted VeilStream is GA, but billing isn’t switched on yet. We’d love your thoughts on: throughput / latency in real workloads Filter rules & DevX weird edge-case queries (pg_dump, logical replication, etc.) security red-flags we might have missed I’ll be around all day to answer questions and dig into issues.
# tagline Ship features with data you can trust and privacy you don't have to worry about.
Comments URL: https://news.ycombinator.com/item?id=44310026
Points: 1
# Comments: 0
