PrivaCI Commercial

The masking engine you already trust — now with proof and support.

The PrivaCI engine is free and open source. Commercial PrivaCI is commercial support for open source data masking: the compliance, automation, and support layer that turns a great tool into something you can put your name on in an audit. Same engine, same VPC, zero data egress.

Billed by source database through AWS Marketplace. Start on open source and upgrade in place — no migration.

Why teams upgrade

Open source masks the data. Commercial proves it.

It lands on your AWS bill

Pay through AWS Marketplace, draw down committed spend, skip a new-vendor security review and a separate PO.

Audit evidence, not screenshots

Hand auditors a cryptographically signed, reproducible report instead of assembling proof by hand each cycle.

Risk goes down, not up

Drift detection catches new PII columns before they reach staging — the failure mode that hand-rolled masking never sees coming.

What you get

Everything in OSS, plus the parts auditors and operators need

Signed compliance reports

Tamper-evident, byte-for-byte reproducible run reports with Ed25519 detached signatures an auditor can verify independently. JSON and Markdown summary export.

Schema-drift detection

privaci detect-drift diffs each run's catalog snapshot against the last, classifies added/removed/retyped columns, and flags uncovered PII before it leaks.
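The drift check described above, sketched as an added example (not PrivaCI's code): it diffs two catalog snapshots, classifies each change, and flags PII-looking columns that no masking rule covers. The snapshot shape, the policy set, the name heuristic and the gate's exit status are all assumptions made for illustration.

```javascript
// Added example, not PrivaCI code. The snapshot shape, the policy shape and
// the PII name heuristic are assumptions made for illustration.

// Constructed catalog snapshots: { "table.column": "sql type" }.
const previousSnapshot = {
  'users.id': 'bigint',
  'users.email': 'text',
  'users.signup_ip': 'inet',
  'orders.total': 'numeric',
};
const currentSnapshot = {
  'users.id': 'bigint',
  'users.email': 'varchar(320)', // retyped
  'users.phone_number': 'text', // added, PII by name
  'orders.total': 'numeric',
  'orders.notes': 'text', // added, not PII by name
}; // users.signup_ip was removed

// Constructed policy: columns that already have a masking rule.
const maskedColumns = new Set(['users.email', 'users.signup_ip']);

// Hypothetical name-based PII heuristic, applied to the column name only.
const PII_NAME = /(email|phone|ssn|birth|address|passport|_ip$)/i;

function detectDrift(prev, curr, covered) {
  const findings = [];
  for (const [col, type] of Object.entries(curr)) {
    if (!Object.hasOwn(prev, col)) findings.push({ col, change: 'added', type });
    else if (prev[col] !== type) findings.push({ col, change: 'retyped', from: prev[col], type });
  }
  for (const col of Object.keys(prev)) {
    if (!Object.hasOwn(curr, col)) findings.push({ col, change: 'removed' });
  }
  // A live column that looks like PII and has no rule would reach staging unmasked.
  const uncoveredPii = findings
    .filter((f) => f.change !== 'removed' && PII_NAME.test(f.col.split('.').pop()) && !covered.has(f.col))
    .map((f) => f.col);
  // Rules that point at removed columns are stale and often signal a rename.
  const staleRules = findings
    .filter((f) => f.change === 'removed' && covered.has(f.col))
    .map((f) => f.col);
  return { findings, uncoveredPii, staleRules };
}

// Hypothetical CI gate: non-zero status when drift leaves PII uncovered.
function gateExitCode(result) {
  return result.uncoveredPii.length > 0 ? 1 : 0;
}

const drift = detectDrift(previousSnapshot, currentSnapshot, maskedColumns);
console.log(JSON.stringify(drift, null, 2), 'exit', gateExitCode(drift));
```

A removed column that still has a rule is worth reviewing alongside the added columns: a rename shows up as one removal plus one uncovered addition.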

FK-aware data subsetting

Slice staging data by tenant, date, or custom predicates while FK closure keeps referential integrity — no orphan rows in the target.

JSONB path masking

Mask nested audit and event payloads in json/jsonb columns in place — structure preserved, invalid JSON never written.

CI preview & policy diff

privaci preview emits redacted sample rows, policy-diff JSON, and SARIF for CI gates. Findings flow into signed reports via attention_required.

License & metering

AWS Marketplace entitlement: source-database count is a hard pre-run gate; monthly data is an included allocation that blocks the next run when month-to-date exceeds the tier.

Run notifications

Slack and generic webhook notifiers fire on run completion so refreshes are visible to the whole team without babysitting a pipeline.

Trust & control

You keep the data, the keys, and the network

Pricing

Plans scale by source database

You are billed by unique source databases (rolling 30-day window) and by calendar-month data processed. Subscribe on AWS Marketplace — pricing flows onto your existing AWS invoice.

Starter

$99 / month

2 source databases

100 GiB / month included

One team masking a production database and a replica.

Business

$899 / month

15 source databases

5 TiB / month included

Org-wide masking across many products.

Unlimited

$1,499 / month

Unlimited source databases

Unlimited data included

No tier ceilings — mask every database in the org.

Ready when you are

Subscribe through AWS Marketplace and your team can be masking with signed reports the same day.

See it run

From config to signed audit report

A real terminal session on Demo Corp fixtures: dry-run and preview before you write a row, stream the mask job with FK-safe ordering, verify integrity without exposing values, then export a tamper-evident JSON report for auditors.

PrivaCI Commercial: dry-run, preview, mask, verify, and signed compliance report in the terminal

Buyer questions

Procurement & security, answered

How is it priced?

Flat monthly rates on AWS Marketplace, billed by unique source databases (rolling 30-day window, hard pre-run gate) and by calendar-month data processed (an included allocation that blocks the next run when month-to-date exceeds the tier): Starter ($99/mo, 2 DBs, 100 GiB), Growth ($349/mo, 5 DBs, 500 GiB), Business ($899/mo, 15 DBs, 5 TiB), Unlimited ($1,499/mo, no ceilings). Everything lands on your existing AWS invoice.

Why buy through AWS Marketplace?

It draws down your AWS committed spend (EDP), needs no new vendor onboarding or separate PO, and consolidates billing. Procurement is a few clicks instead of a quarter.

Do we still control our data and keys?

Yes. The commercial layer runs in your account and masks entirely in your VPC. Report signing keys are yours; we never see your data or PII.

What makes the compliance reports trustworthy?

Each report is canonicalized and signed with an Ed25519 detached signature, so it is tamper-evident and reproducible byte-for-byte. An auditor can verify it without trusting us.
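What independent verification of a canonicalized, Ed25519-signed report looks like, here and under "Signed compliance reports", as an added example (not PrivaCI's code). The canonical form (recursively sorted keys, no whitespace, UTF-8), the report fields other than attention_required, and the key pair are assumptions constructed for illustration.

```javascript
// Added example, not PrivaCI code. The canonical form and the report fields
// are assumptions; verify real reports against the form the product documents.
const nodeCrypto = require('node:crypto');

// Deterministic serialization: object keys sorted recursively, arrays in order.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    const members = Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k]));
    return '{' + members.join(',') + '}';
  }
  return JSON.stringify(value);
}

// Signer side. Ed25519 hashes internally, so the digest argument is null.
function signReport(report, privateKey) {
  return nodeCrypto.sign(null, Buffer.from(canonicalize(report), 'utf8'), privateKey);
}

// Auditor side: needs only the report, the detached signature and the
// public key in PEM form. No private key and no vendor service involved.
function verifyReport(report, signature, publicKeyPem) {
  if (!Buffer.isBuffer(signature) || signature.length !== 64) return false;
  const key = nodeCrypto.createPublicKey(publicKeyPem);
  if (key.asymmetricKeyType !== 'ed25519') return false; // refuse other algorithms
  return nodeCrypto.verify(null, Buffer.from(canonicalize(report), 'utf8'), key, signature);
}

// Constructed key pair and report.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const publicKeyPem = publicKey.export({ type: 'spki', format: 'pem' });
const report = {
  run_id: 'demo-0001',
  tables_masked: 12,
  attention_required: [],
  columns: [{ name: 'users.email', rule: 'hash' }],
};
const signature = signReport(report, privateKey);

// Same content with keys in a different order canonicalizes to the same bytes.
const reordered = {
  columns: [{ rule: 'hash', name: 'users.email' }],
  attention_required: [],
  tables_masked: 12,
  run_id: 'demo-0001',
};
// One changed value is enough to invalidate the signature.
const tampered = { ...report, tables_masked: 13 };

console.log(verifyReport(report, signature, publicKeyPem),
  verifyReport(reordered, signature, publicKeyPem),
  verifyReport(tampered, signature, publicKeyPem));
```

Pinning the key type in the verifier matters as much as the signature check: a verifier that accepts whatever algorithm the key file declares can be handed a different key and still report success.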

Can we start on open source and upgrade later?

Yes. Install the commercial layer alongside the same engine you already run; it activates via entry points with no migration. Nothing about your pipeline changes except the features that switch on.

What if we exceed our tier?

On Starter, Growth, or Business, either ceiling — too many source databases or too much data processed in the calendar month — blocks new runs at start with exit code 5, a clear cause, and remediation steps. Unlimited has no ceilings. There is no silent over-billing.