All Vendors
abm

MadKudu

MadKudu is a predictive lead scoring and revenue intelligence platform, now owned by HG Insights, that deploys a JavaScript tag on customer websites to capture visitor IP addresses, emails, location data, and cookies. It aggregates behavioral, firmographic, and product-usage signals from multiple upstream sources (Segment, Amplitude, Mixpanel, data warehouses) into scoring models that classify visitors as sales-ready. The core risk is signal aggregation without visitor awareness -- website visitors are scored, qualified, and routed into retargeting campaigns based on behavioral fingerprints they never consented to build.

42 IOCs
0
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what MadKudu discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

2 gaps

pending

MEDIUM
They Claim

Awaiting scanner verification

Observed Behavior

MadKudu Tag runtime behavior, cookie patterns, and pre-consent execution timing require direct observation via BLACKOUT scanner

pending

MEDIUM
They Claim

HG Insights data sharing scope unknown

Observed Behavior

Post-acquisition data flow between MadKudu scoring models and HG Insights technology intelligence products needs verification

Customer Impact

What This Means For You

If you find MadKudu deployed on a site you visit, your behavioral data -- page views, product usage patterns, content engagement -- is being scored and classified without your knowledge. The resulting lead score determines how aggressively you are pursued by sales teams. For organizations running MadKudu: your website visitors are being profiled across multiple data dimensions, and the composite scoring model may constitute automated decision-making under privacy regulations. The acquisition by HG Insights means visitor behavioral data may now be enriched with third-party technology intelligence data, expanding the profile beyond what was collected on your property.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

Recommended Actions for MadKudu

  • Audit your privacy policy to confirm MadKudu is disclosed as a data processor. Review whether the MadKudu Tag loads before or after consent is granted. Map all data sources feeding into MadKudu (Segment, CRM, product analytics) and assess whether visitors are informed about cross-source profiling. Evaluate whether predictive scoring constitutes automated decision-making requiring GDPR Article 22 protections. Request a data processing agreement that specifies retention periods for behavioral data and scoring models. Confirm the HG Insights acquisition has not changed data sharing terms.

Negotiation Leverage

  • MadKudu's leverage point is its position as middleware: it processes data collected by other tools you already run. When negotiating, demand clear data flow documentation showing exactly which upstream sources feed scoring models. Require contractual guarantees that the HG Insights acquisition does not expand data sharing beyond original DPA terms. Push for consent-gated tag loading as a deployment requirement. The platform's value depends on data volume -- restricting input sources to only consent-verified data significantly impacts model accuracy, giving you leverage to negotiate better privacy terms in exchange for maintaining data access.
IOC Manifest

IOC Manifest

42 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*madkudu.com/~flock.js*
Tracking script
TRACK
*madkudu.com/assets/index-Vju6xgES.js*
Tracking script
TRACK
*cdn.madkudu.com/madkudu.js/v1/*/madkudu.js*
Tracking script
TRACK
madkudu.com/assets/index-Vju6xgES.js
Auto-extracted from scan
TRACK
madkudu.com/~flock.js
Auto-extracted from scan
TRACK
cdn.madkudu.com/madkudu.js/v1/985ccd7664cec040468ba02ac8864151/madkudu.min.js
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

MadKudu integrates deeply across the modern revenue stack. Primary CRM connections include Salesforce and HubSpot for bidirectional score syncing. Data ingestion pipelines connect to Segment, Amplitude, Mixpanel, and custom data warehouses. The platform feeds scores into marketing automation tools (Marketo, HubSpot) for nurture routing and into sales engagement platforms for prioritization. The August 2025 acquisition by HG Insights adds technology intelligence data (what software companies run) to behavioral scoring. MadKudu is commonly deployed alongside 6sense, Demandbase, or Clearbit, creating layered identification and scoring stacks where each tool contributes data that compounds the overall profiling depth.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

42 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details