How do your agents decide a suspected issue is a validated vulnerability, and what measured false-positive/false-negative rates can you share?
How is customer code and data isolated and encrypted throughout reconnaissance, exploitation, and patch generation (e.g., single-tenant VPC, data-retention policy)?
Do the agents ever apply patches automatically, or is human review required—and how does the workflow integrate with CI/CD to prevent regressions?
The agents will hone in on a potential vulnerability by looking at different signals during its testing, and then build a POC to validate it based on the context. We don't have any data to share publicly yet but we are working on releasing benchmarks soon.
Everything runs in a private VPC and data is encrypted in transit and at rest. We have zero data retention agreements with our vendors, and we do offer single tenant and private cloud deployments for customers. We don't retain any customer code once we finish processing it, only the vulnerability data. We are also in process of receiving our SOC 2.
Patches are not auto applied. We can either open up a PR for human review or can add the necessary changes to a Linear/Jira ticket. We have the ability schedule assessments in our platform, and are working on a way to integrate more deeply with CI/CD.
I'm actually pretty interested in what you're building. Sure, Vanguard and Fidelity are well-established giants, but they've barely moved beyond standard ETFs for decades. Having the option to tweak weightings at a more granular level and do daily tax-loss harvesting at scale seems like a genuine step forward.
I also like that you're transparent about how you might eventually introduce additional revenue streams like margin lending or maybe even PFOF. Knowing that upfront is better than a sudden terms-of-service surprise down the road. Still, I'd hope you'll consider giving users some say over how their shares are handled — like opting out of lending — so your incentives stay aligned over the long run.
Congrats on hitting $10M AUM. I'm rooting for more low-fee alternatives that keep the user in the loop!
I'm curious if Double has any advantages over this offering other than price. While I'm not personally interested in direct indexing, if I was I would absolutely be willing to pay the extra $4/month to do it at Fidelity vs some unknown startup.
>> Fidelity has innovated a ton and they have this exact product, though I don’t know the fees.
>> Fidelity is very much into new fintech ideas and products..
Fidelity has a competitive product called Basket Portfolios and it is so buggy as to be almost unusable. The bugginess has existed for many months and they do not even seem to care.
We're focused on end-to-end evals focused on function-call accuracy, style, tone & latency of the conversations between our sims and your voice agent. Less focused on pure TTS evals at the moment!
Yea, it's interesting, it's just a Chatbot over a Zoom (we use Daily) call as opposed to a 1-on-1 websocket (or a phone call). Other advantage is using WebRTC!
Likely outsourced call centers since call complexity is low to medium. We also expect rapid adoption in industries like customer service, healthcare, and retail, where 24/7 availability could be high-impact for businesses and convenient for consumers!
I use Superwhisper (no affiliation, just a happy user), which runs a local Whisper model, to create most of my email drafts and post-meeting notes. I find Whisper more accurate than Mac’s built-in speech-to-text, plus I’m faster at speaking than typing.
Sometimes, I even ‘talk’ into Cursor’s chat window instead of typing. The only downside? It can get a bit annoying for others when you're talking to yourself all day.
I'm looking for something like this that runs on Linux. Best thing I've found is LiveCaptions, but its output is janky. I can't just use it to type in any old text field, and its output requires substantial editing after the fact.
I guess I understand that a lot of things are being developed for Apple silicon specifically. It's just frustrating that despite hours of searching, I'm not finding anything decent.
This looks really powerful for controlling the system with different scripts, but what if all I want it to do is let me narrate something and print out the sentences as close to real-time as possible? It's really just good STT that I'm looking for out of it.
The Talon voice dev created his own STT model that's very performant. The transcription quality is... good, but not world-class. It's better than anything that came out before Whisper IMO, but the newest generator of models can do things like inferring punctuation and words outside of its vocabulary (although the downside of the new generation of VTT is that they can sometimes hallucinate words that are very different from what you said).
It's a bit overkill to use Talon for just voice dictation, but that is 90% of what I use it for, and it's pretty good at it.
How do your agents decide a suspected issue is a validated vulnerability, and what measured false-positive/false-negative rates can you share?
How is customer code and data isolated and encrypted throughout reconnaissance, exploitation, and patch generation (e.g., single-tenant VPC, data-retention policy)?
Do the agents ever apply patches automatically, or is human review required—and how does the workflow integrate with CI/CD to prevent regressions?
Ty!