Supabase Launches AI-Powered Security Advisors for Postgres

- Supabase, an open-source Firebase alternative, was founded in 2020 by Paul Copplestone and Ant Wilson and has raised over $500 million in funding, reaching a valuation of $5 billion by late 2025. - The Security Advisor is part of a suite of tools that also includes a Performance Advisor for database optimizations and an Index Advisor for suggesting indexes on slow-running queries. - The underlying open-source linter, Splinter, uses SQL queries to identify issues, some of which are general Postgres best practices, while others are specific to Supabase features like authentication and storage. - A key focus of the security scans is Row-Level Security (RLS), a PostgreSQL feature that allows developers to define which rows of data a user can access, preventing common data leaks in multi-tenant applications. - Common RLS misconfigurations that the advisor helps detect include tables with RLS disabled, tables that have RLS enabled but no policies, and the use of multiple permissive policies. - In addition to the in-dashboard tool, developers can use an AI-powered "Assistant" to help generate and apply correct RLS policies based on plain text descriptions of security requirements. - The introduction of these tools is part of a broader security initiative at Supabase, which in 2025 also included enabling RLS by default on new tables and introducing a new API key system with automatic revocation for leaked keys on GitHub. - The broader market for database security includes a variety of tools that handle tasks like access control, data masking, activity monitoring, and vulnerability management from vendors like Oracle, Fortinet, and Imperva.