Trueguard delivers advanced protection against malicious users for your SaaS. Automatically blocking temporary emails, free-tier abusers, automated bots, and other threats.
Hello Product Hunt! 👋
We are the team behind Trueguard.io, and we are excited to share our work so far.
If you have built a SaaS product with a free plan before, you know the problem. Users abusing the free-tier or farming rewards and creating burner accounts over and over.
Existing solutions felt either too complex or just were not up to our standards. Trueguard is our take on solving that problem while keeping things lightweight, smart & adaptable.
Why Trueguard?
✉️ Email Intelligence - Identify if the user's email is suspicious or temporary by detecting email quality, checking against our domain database & AI matching.
🌐 Proxy & VPN Detection - Analyse your user's IP addresses to determine if they originate from suspicious sources like a VPN or proxy.
🤖 AI Scoring - We utilise AI to provide risk score based on various unique datasets.
🌍 Geolocation - Get insights to where your user signups are coming from.
📋 Rules Engine - Adjust the rules & appropriate responses of signals.
💻 Device Fingerprinting - Advanced user fingerprinting technology that operates without relying on cookies.
Would love to hear your thoughts or any questions below! Thank you for checking us out ✌️
@hristiank No service is perfect. It is not possible to know every temporary email domain in the world. You signed up at 13:19:35 UTC, and the domain you used was added to our database at 13:21:17 UTC after a regular check by the system. Your sign-up was marked 85% suspicious, and the recommended action by Trueguard was to quarantine this account.
It is something new. I like it, and I see several use case scenarios for that product. Are you the one and only solution doing this? Looks great! And the pricing seems to be affordable.
Overall, we are not the only ones doing it, but existing solutions were either way too complex or not sufficient enough. Trueguard actually got started as an inside product on my other SaaS, where we had a lot of free tier abuse. But quite quickly, we saw a need for a standalone product for other SaaS. So far, we have done over 60M email and IP analysis for crypto, AI, and SaaS companies.
🎉 Congrats on launching Trueguard! As a SaaS builder who's battled fake signups, I'm thrilled to see a tool that tackles temp emails and VPNs in one lightweight package. The AI scoring + rules engine combo is 🔥 – love how adaptable it is!
Quick suggestion: Have you considered adding a "behavior flow analysis" layer? Like flagging users who rapidly toggle between VPNs during signup? Could complement your device fingerprinting!
What's next on your roadmap? Would love to hear how you'll evolve the geolocation insights! 👀
We actually already have suspicious IP activity behaviour analysis when the user tries to find a clean IP during the signup.
We have quite a few things on the roadmap, for example: to finalize our network and device fingerprinting feature, webhooks to notify the service if we later find the account abusive (for example, we didn't identify the temporary domain initially), and more to analyze overall behaviour and linked accounts.
With geolocation, one of the next things is TCP handshake analysis to get the user's approximate location, even if they are using VPNs, etc.
The email intelligence feature looks robust! I have a question about Proxy & VPN Detection, can it differentiate between legitimate corporate VPNs and malicious Tor nodes? Granular filtering would help avoid blocking remote workers.
@desmond_ren1 Good question. We currently don't flag any corporate VPNs. We only flag regular day-to-day VPNs like NordVPN, Mullvad, etc., that might be used to bypass multiple users per IP check. We don't recommend fully blocking users when they are using VPNs, as a lot of legitimate users are using them, but it is one vector that we take into account. But additionally, we provide high-risk IP scores for those IPs that originate from proxies, data centers, and more, as these usually originate from malicious sources.
Congratulations on launching Trueguard! It's impressive to see a solution addressing the significant issue of fake user signups.
How does Trueguard differentiate its blocking algorithms from existing solutions, and what metrics do you use to measure its effectiveness in real-time user protection?
@ica_lestari It's very hard to track the exact efficiency or accuracy. But we have clients who give us feedback from time to time on what kind of users ended up being abusive, and if we did some false positives. It is a never-ending cat-and-mouse game, and we have to experiment and continuously develop our system.
This is actually really useful if it works. We are using AWS SES for sending out transactional emails and we use an email verification service but it still doesn't detect all of them. We still get in trouble from the bounce emails from SES from time to time.
@wooyi We are currently mainly focused on real-time email verifications. But overall, bounce prevention and bulk email verification are in our roadmap as we have quite a big and good database to help with that also.
You have my vote! @Trueguard Anything that can be used to help stop the malicious activity of the click farms, fake bots, and downright FRAUD! will always have my vote. Several years ago when PMax campaigns arrived on the scene we noticed a spike of fake signups (in our client's accounts) but they were being very low key with the effort in order to fly under the radar. Like a 2% conversion ratio or less on the domain level so it wouldn't attract attention. When those signups were happening Google Ads was seeing it as a conversion thus training the algorithm to send more traffic to the made for Adsense site costing the advertiser a portion of their budget. We asked other clients to check their signups and sure enough they found the same thing happening. Impressed with what you are offering at a very reasonable price. Keep up the good work!
Nice product. Would be great if you can also integrate name verification. I have tons of bots signing up on my product with random characters as their names (eg: scVGDghSN, etc). We can pass firstname, lastname, IP, email, etc for verification and get a risk score on each of them and also a general one
As I prepare to launch my startup product AI Tour Guide on Product Hunt next week, one of my biggest concerns has been dealing with malicious users-especially since we’re offering free trial. Trueguard is exactly the kind of solution we need to tackle this problem
Really interesting service but how would it handle using Apple service to hide emails or if we use the service to tag services for example a email made by apple to have all my subscriptions to streaming services, and other to have all my gaming subs or registrations? or if you simply validate your email it will tag it as 100% real email account?
Replies
Trueguard
Just signed up with a temp email for your service... it didn't flag it. Nothing.
Created an account like it's a normal email address. It's not a good look to be honest.
Edit: Although your system does mark it as 100% temp email once you check it manually through your app.
Trueguard
@hristiank No service is perfect. It is not possible to know every temporary email domain in the world. You signed up at 13:19:35 UTC, and the domain you used was added to our database at 13:21:17 UTC after a regular check by the system. Your sign-up was marked 85% suspicious, and the recommended action by Trueguard was to quarantine this account.
It is something new. I like it, and I see several use case scenarios for that product. Are you the one and only solution doing this? Looks great! And the pricing seems to be affordable.
Trueguard
@michael_vavilov Thanks for the comment!
Overall, we are not the only ones doing it, but existing solutions were either way too complex or not sufficient enough. Trueguard actually got started as an inside product on my other SaaS, where we had a lot of free tier abuse. But quite quickly, we saw a need for a standalone product for other SaaS. So far, we have done over 60M email and IP analysis for crypto, AI, and SaaS companies.
@cml the best solutions are often born as an internal feature
Tate-A-Tate
🎉 Congrats on launching Trueguard! As a SaaS builder who's battled fake signups, I'm thrilled to see a tool that tackles temp emails and VPNs in one lightweight package. The AI scoring + rules engine combo is 🔥 – love how adaptable it is!
Quick suggestion: Have you considered adding a "behavior flow analysis" layer? Like flagging users who rapidly toggle between VPNs during signup? Could complement your device fingerprinting!
What's next on your roadmap? Would love to hear how you'll evolve the geolocation insights! 👀
Trueguard
@rocsheh Thanks for the comment and kind words.
We actually already have suspicious IP activity behaviour analysis when the user tries to find a clean IP during the signup.
We have quite a few things on the roadmap, for example: to finalize our network and device fingerprinting feature, webhooks to notify the service if we later find the account abusive (for example, we didn't identify the temporary domain initially), and more to analyze overall behaviour and linked accounts.
With geolocation, one of the next things is TCP handshake analysis to get the user's approximate location, even if they are using VPNs, etc.
a really cool tool. you might want to add your socials to the site - would add legitemacy I reckon.
upvoted. good luck with the launch, team @Trueguard
Trueguard
@taniabell Good suggestion, thanks!
50+ Contract Templates by Clientjoy
All the best for the launch @cml & @keding !
Trueguard
@parekh_tanmay Thank you so much Tanmay! We appreciate the support. 🙏
Manna
The email intelligence feature looks robust! I have a question about Proxy & VPN Detection, can it differentiate between legitimate corporate VPNs and malicious Tor nodes? Granular filtering would help avoid blocking remote workers.
Trueguard
@desmond_ren1 Good question. We currently don't flag any corporate VPNs. We only flag regular day-to-day VPNs like NordVPN, Mullvad, etc., that might be used to bypass multiple users per IP check. We don't recommend fully blocking users when they are using VPNs, as a lot of legitimate users are using them, but it is one vector that we take into account. But additionally, we provide high-risk IP scores for those IPs that originate from proxies, data centers, and more, as these usually originate from malicious sources.
TapRefer
@Product Hunt and every website should start using this.
Trueguard
@jiteshghanchi Agreed :)
As a developer, I value robust security! 👍
Trueguard
@shenjun Especially turning the time of vibe coding :)
Does this work for mobile apps? Mobile is a big gap for competitors like Cloudflare Turnstile.
Trueguard
@chrisvariety Yes it does! One of our biggest clients right now is a mobile only app.
ThriveDesk
Perfect timing. looking for such service for @ThriveDesk
Going to integrated with our signup flow.
Trueguard
@parvezvai Awesome! Feel free to reach out if you need any help or additional information.
Congratulations on launching Trueguard! It's impressive to see a solution addressing the significant issue of fake user signups.
How does Trueguard differentiate its blocking algorithms from existing solutions, and what metrics do you use to measure its effectiveness in real-time user protection?
Trueguard
@ica_lestari It's very hard to track the exact efficiency or accuracy. But we have clients who give us feedback from time to time on what kind of users ended up being abusive, and if we did some false positives. It is a never-ending cat-and-mouse game, and we have to experiment and continuously develop our system.
Venngage
This is actually really useful if it works. We are using AWS SES for sending out transactional emails and we use an email verification service but it still doesn't detect all of them. We still get in trouble from the bounce emails from SES from time to time.
Trueguard
@wooyi We are currently mainly focused on real-time email verifications. But overall, bounce prevention and bulk email verification are in our roadmap as we have quite a big and good database to help with that also.
You have my vote! @Trueguard Anything that can be used to help stop the malicious activity of the click farms, fake bots, and downright FRAUD! will always have my vote. Several years ago when PMax campaigns arrived on the scene we noticed a spike of fake signups (in our client's accounts) but they were being very low key with the effort in order to fly under the radar. Like a 2% conversion ratio or less on the domain level so it wouldn't attract attention. When those signups were happening Google Ads was seeing it as a conversion thus training the algorithm to send more traffic to the made for Adsense site costing the advertiser a portion of their budget. We asked other clients to check their signups and sure enough they found the same thing happening. Impressed with what you are offering at a very reasonable price. Keep up the good work!
Trueguard
@craig_belcher1 Thank you Craig! Keeping things simple and the price accessible to everyone was the goal. 🙏
Nice product. Would be great if you can also integrate name verification. I have tons of bots signing up on my product with random characters as their names (eg: scVGDghSN, etc). We can pass firstname, lastname, IP, email, etc for verification and get a risk score on each of them and also a general one
SeeMuseums
Really interesting service but how would it handle using Apple service to hide emails or if we use the service to tag services for example a email made by apple to have all my subscriptions to streaming services, and other to have all my gaming subs or registrations? or if you simply validate your email it will tag it as 100% real email account?