IRI DarkShield is a data masking and PII data protection tool designed to discover, classify, and redact sensitive information across various data sources. In addition to handling structured data sources, DarkShield addresses the challenges of searching and protecting dark data—unstructured or semi-structured data that is often overlooked in traditional security measures.

DarkShield helps organizations identify and protect sensitive unstructured data like PII, ensuring compliance with privacy regulations and reducing the risk of data breaches.

DarkShield supports on-premise and cloud databases (SQL, NoSQL), semi-structured data (JSON, XML, LDIF, FHIR, HL7, X12), unstructured files (text, PDFs, images, audio, .SQL, DICOM), cloud storage (AWS S3, Azure Blob, GCP, SharePoint Online), and other big data formats (Parquet, Avro).

DarkShield can use multiple discovery methods, including pattern matching (regex), dictionary lookups, metadata (where available), AI-driven RDBMS data classification, and machine learning models for context-aware detection for PII in natural language (via Named Entity Recognition), handwriting, and signatures.

DarkShield offers masking techniques like substitution, deletion, nulling, encryption, scrambling, blurring, and pseudonymization to obfuscate sensitive data while preserving usability.

DarkShield uses Optical Character Recognition (OCR) and image processing to detect and redact sensitive information in scanned PDFs, images, and other non-text formats.

DarkShield supports GDPR, HIPAA, CPRA, PCI-DSS, KVKK, DPA, DPDP, POPI and PIPEDA compliance by automating data discovery and masking, providing audit trails, and enabling anonymization and retention policies.

DarkShield supports on-premises, cloud, and hybrid deployments. Security features include role-based access control (RBAC), encryption at rest and in transit, and secure APIs.

DarkShield integrates with IRI FieldShield, CoSort, and Voracity for comprehensive data protection and management across structured, semi-structured and unstructured environments. For example, DarkShield discovery and extraction of sensitive values can be used in textual ETL jobs with Voracity join logic.

DarkShield scales using multi-threading, distributed computing (load balancing via NGNIX), and job scheduling to handle large volumes of data efficiently.

DarkShield provides detailed masking logs, customizable dashboards and compliance reports, and SIEM integration for real-time monitoring and auditing in tools like Splunk.

DarkShield automates discovery and masking, reduces manual errors, and offers centralized dashboards for streamlined compliance workflows.

DarkShield stands out with support for all data types, advanced discovery (ML, NER, signatures, handwriting), flexible deployment, and integration with IRI data management and governance tooling.

DarkShield offers a GUI for job design, CLI for automation, and a RESTful API for embedding, enabling team collaboration and workflow integration.

DarkShield is developed and supported by Innovative Routines International (IRI), offering technical assistance, updates, training, and documentation.

DarkShield is included in IRI Voracity platform subscriptions, or licensed standalone. When licensed standalone, DarkShield is typically licensed perpetually (i.e., pay once for perpetual use), priced by file volume or using the FieldShield model if used for database masking. First hostname licenses currently range from USD $6K to $60K from IRI or between $9K and $90K from a VAR, with adjustments during renewal. There are discounts for multiple engines. Maintenance (support, fixes, upgrades) is free in the first year, then available at 20% annually thereafter.