The Data Sinks page is where you manage how HoundDog.ai evaluates data exposure to storage systems, third party services, and AI integrations.
From this page, you can enable or disable individual data sinks, define whether a data sink should be treated as safe or risky, and configure allowlists for data elements when a sink is marked as risky. A complete list of supported data sinks, organized by programming language, is available in the scanner’s GitHub repository: https://github.com/hounddogai/hounddog/blob/main/data-sinks.md
HoundDog.ai applies a default allowlist to third party and AI data sinks based on the nature of each integration and typical data processing agreements. For example, a Stripe data sink includes required data elements such as bank account number, card number, and name. These are necessary for the integration to function and are not flagged as risky. However, if highly sensitive data such as Social Security numbers or protected health information is sent to Stripe, it will be flagged as a risk.
This approach aligns detection with real world data processing expectations, allowing you to focus on true policy violations rather than expected behavior. By customizing trust modes and allowlists to match your organization’s policies and agreements, you can identify and prevent DPA violations caused by unnecessary exposure of sensitive data before code reaches production.
Use the available filters to explore and manage data sinks:
- Data Sink: the name of the storage system, third party service, or AI integration
- Trust Mode: safe or risky
- Status: enabled or disabled
You can configure the scan rule for an individual row by clicking on the Edit icon, or you can select multiple rows and apply bulk changes by clicking either Disable Selected to disable those scan rules or Edit Allowed Data Elements to apply a whitelist of data elements to all selected rows.
When editing a specific data sink, you can configure the following:
- You can Enable or Disable the data sink entirely
- You can set the trust mode to Safe or Risky
- If marked as risky, you can define the Safe Data Elements, which represent the allowlisted data elements permitted for that data sink
