TrustKit.co
Poolside icon

Poolside

Enterprise AI coding platform with on-premise and VPC deployment for secure software development

by PoolsideUSUnited States🌐Customer-controlled: on-premise, VPC, or AWS Bedrock; no data egress in isolated mode
Code Assistants
TrustKit Score68%Strong

About Poolside

Poolside was founded in early 2023 by Jason Warner (former GitHub CTO) and Eiso Kant. The company has dual headquarters in San Francisco and Paris, with a French SAS entity (Poolside AI SAS) alongside the US parent (Poolside, Inc.). Poolside builds AI models purpose-trained for software engineering, differentiated by their RLCEF (Reinforcement Learning from Code Execution Feedback) training methodology that uses synthetic data rather than customer-contributed code. Two production models are available: Malibu, the flagship model for complex software engineering tasks (multi-file generation, refactoring, migration) with over 1 million tokens of context; and Point, a smaller quantized model for real-time IDE code completion with sub-200ms latency. The company has raised over $626 million in funding, including $500 million from Bain Capital (October 2024) and approximately $1 billion announced from NVIDIA (October 2025), reaching a $12 billion valuation. The team has grown to approximately 200-250 employees. For European enterprises, Poolside's deployment model is its key differentiator: the platform offers truly isolated on-premise and VPC deployment where customer code never leaves the customer's environment. There are no external calls and no dependency on Poolside's infrastructure. This makes it one of the most deployment-flexible AI coding tools available. Poolside models are also available via Amazon Bedrock for organisations that prefer a managed cloud approach. The platform supports SSO, OIDC, SCIM, and SAML for enterprise identity management. The company maintains a Drata-powered trust centre, suggesting security certifications are in progress, though SOC 2 and ISO 27001 are not publicly confirmed. The RLCEF training methodology on synthetic data means customer code is structurally never used for model training in on-premise/VPC deployments.

TrustKit Score Breakdown

?68% Strong
Data Residency
Where is your data stored and processed?
On-premise and VPC deployment with zero data egress. Customer code never leaves the customer's environment. EU organisations can deploy on their own EU infrastructure. Maximum data sovereignty.
5/5
Legal Jurisdiction
Which laws govern the company and your data?
Delaware incorporation (US). French SAS entity exists but parent is US. CLOUD Act applies to the corporate entity, though on-premise deployment means code never reaches Poolside's infrastructure.
2/5
Data Retention & Training
Is your data used for model training?
On-premise/VPC mode: customer has full control, no data leaves their environment. Training uses synthetic data (RLCEF), not customer-contributed code. Structural separation.
5/5
Certifications
ISO 27001, SOC 2, Cyber Essentials, etc.
Drata trust centre exists, suggesting SOC 2 is in progress. No public confirmation of SOC 2 or ISO 27001. US government ATO achieved (military/public sector).
2/5
Regulatory Fit
Suitability for regulated industries and professional services
On-premise deployment model is excellent for regulated industries. US jurisdiction is the main concern. French entity provides some EU connection. Public sector certifications (ATO, IL5) demonstrate security maturity.
3/5

Pricing

Custom
EnterpriseFree
Full pricing details →

Quick Facts

Starting PriceEnterprise custom pricingData HostingCustomer-controlled: on-premise, VPC, or AWS Bedrock; no data egress in isolated modeTrains on Your DataTrained on synthetic data (RLCEF); customer code not accessible in VPC/on-prem modeFounded2023Employees201-1000
Visit Poolside

Frequently Asked Questions

Is Poolside GDPR compliant?

Poolside has a TrustKit compliance score of 68% (Strong). Data Residency: On-premise and VPC deployment with zero data egress. Customer code never leaves the customer's environment. EU organisations can deploy on their own EU infrastructure. Maximum data sovereignty.. Legal Jurisdiction: Delaware incorporation (US). French SAS entity exists but parent is US. CLOUD Act applies to the corporate entity, though on-premise deployment means code never reaches Poolside's infrastructure..

Where does Poolside store data?

Poolside hosts data in: Customer-controlled: on-premise, VPC, or AWS Bedrock; no data egress in isolated mode. On-premise and VPC deployment with zero data egress. Customer code never leaves the customer's environment. EU organisations can deploy on their own EU infrastructure. Maximum data sovereignty.

Does Poolside train on user data?

Poolside: Trained on synthetic data (RLCEF); customer code not accessible in VPC/on-prem mode. On-premise/VPC mode: customer has full control, no data leaves their environment. Training uses synthetic data (RLCEF), not customer-contributed code. Structural separation.

What certifications does Poolside hold?

No certifications have been confirmed for Poolside yet. Drata trust centre exists, suggesting SOC 2 is in progress. No public confirmation of SOC 2 or ISO 27001. US government ATO achieved (military/public sector).

Compare Poolside With

Claude iconClaudeGitHub Copilot iconGitHub CopilotTabnine iconTabnineAmazon Q Developer iconAmazon Q DeveloperWiz iconWizChatGPT iconChatGPT

Similar Tools

Amazon Q Developer icon
Amazon Q Developer
AWS-native AI assistant for software development and cloud operations
88%
ChatGPT icon
ChatGPT
AI assistant by OpenAI for conversation, analysis, and content creation
64%
Claude icon
Claude
Anthropic's safety-focused AI assistant for analysis, writing, and coding
80%
CodeRabbit icon
CodeRabbit
AI-powered code review platform that automatically reviews pull requests for bugs, security, and quality
52%
Continue icon
Continue
Open-source AI code assistant for VS Code and JetBrains that works with any LLM
68%
Cursor icon
Cursor
AI-first code editor built for pair programming with large language models
60%