Why DarkShield Is Better

Consider Key Advantages and Differentiators

Why is IRI DarkShield the best choice for protecting personally identifiable information (PII) hidden in unstructured sources?

Review these nine reasons for the detail, and peruse the other pages in this section to learn more.


DarkShield provides a unique form of content-aware DLP through the separate or simultaneous scanning and securing of PII in a wide range of data sources and formats, using a wide range of search methods and de-identification functions. In addition to its rich dark data discovery and masking wizards, DarkShield shares the same data class definitions and masking function with co-located sister tools for structured data and Excel; see Compatibility.

In terms of just masking functions, DarkShield provides a uniquely wide range for unstructured text and image files, structured, semi- and unstructured columns in relational and NoSQL DBs, plus PDF and MS documents. For PII in unstructured text and document files in particular, you can use functions in 15 different data masking categories, ranging from encryption and pseudonymization to hashing and redaction, to blurring and string logic.

Runtime capability, for both searching and masking operations, is not only a question of separate or together, but where. You can launch DarkShield jobs from IRI Workbench (Eclipse IDE), the command line, or from your own programs through an RPC API call for streaming text, files, relational DBs or NoSQL DBs.


Consider the ever-growing range of supported file formats for search and masking operations with DarkShield, as well as the possibility of searching and masking data in a number of cloud, NoSQL DB and application environments, including Amazon S3, Azure BLOB storage, Sharepoint, and GCP buckets. See the technical details page for the current list of supported data formats and sources.


DarkShield performance scales linearly in volume and does not require Hadoop, elastic computing, or very large memory architectures to power through multiple documents. DarkShield natively exploits multiple search threads, state-of-the-art machine learning algorithms, streaming data, and task consolidation to maximize the definition and speed of complex, high-volume data discovery and de-identification operations.


DarkShield uses encryption algorithms that comply with NSA, FIPS, etc., and its wide range of masking functions supports key de-identification requirements of HIPAA HITECH, GPDR and CCPA (including the right to erasure through search and delete, plus data portability and rectification through value location and extraction), plus many other US and international data privacy laws.

DarkShield data masking and obfuscation functions are either difficult, or impossible, to reverse. They can also be applied differentially; i.e., you can apply a function to a class of data on a global basis, or more narrowly to address specific subsets or even individual values; your choice. All these options further enhance security by creating more obstacles to revealing all the sensitive data with a single crack.

DarkShield jobs, data definitions, audit files, and related assets all run on premise so your data does not require a third-party API or cloud service to be masked. That said, DarkShield can still operate on data in the cloud where resident on those systems or when data like DropBox are locally mounted, or through custom adapters on request. You can also (easily) share DarkShield projects and metadata assets in the cloud (if you want to) through a distributed metadata management hub compliant with SSH security layers like Git.


DarkShield uses the same data classes, search methods and masking functions as IRI FieldShield (for structured RDBs and flat-files) and CellShield EE (for in-Excel search/mask), and runs on all Windows, Linux, or MacOS systems on premise or in the cloud. This provides for consistent, determinstic data masking rules that assure the same original ciphertext result for every original plaintext value regardless of its source.

Note that DarkShield ALSO supports multiple named-entity recognition (NER) models (compatible with OpenNLP, Tensorflow and Pytorch) plus exact AND fuzzy matching to values in lookup files we or you provide.

If you use DarkShield through an IRI Voracity platform subscription, you can also use FieldShield and CellShield EE, plus an extensive range of data protection functions beyond discovery and de-identification, including: re-ID risk scoring and anonymization for HIPAA EDM and FERPA compliance, DB subsetting (with or without masking), smart synthetic test data generation and population, AND fast big data management functionality including: data integration (ETL, etc.), cleansing, conversion, reporting, and more, all in the same pane of glass, IRI Workbench, built on Eclipse.


DarkShield developers work with, or otherwise follow the advice of, top security consultancy, industry analysts, and enterprise CISOs or compliance officers, in both feature development and custom solution implementations.


The DarkShield GUI is built on, and works within, Eclipse, the proven, extensible IDE already familiar to millions of users worldwide. It is an easy product to get started with, and use long-term. Everything runs on premise or in a cloud infrastructure you (not we) manage, so the software and all data sources/targets are strictly under your control (not ours) at all times.

What makes DarkShield even easier in this context however are its intuitive dialogs for data classification, job configuration wizards, and metadata infrastructure ... providing convenient and easy-to-learn ways to classify and find your PII, then run and modify the masking functions on it, and report on what you found and/or masked through JSON, delimited, and HTML5 (graphical) logs.

And thanks to its data class infrastructure, the nature of masking in DarkShield becomes content-agnostic. This means you do not have to think about the formats of the files, only your data classes and masking rules to maintain data/referential integrity in masking operations across multiple sources and silos automatically.

For API programmers, DarkShield uses the popular Swagger (OpenAPI) framework to speed code development, integration and modification through clear, human-readable documentation, and to facilitate web service calls.


DarkShield is available standalone at the industry's lowest pricing (IRI is deliberately not a megavendor), or included free with subscriptions to the IRI Voracity data management platform.


DarkShield is developed, licensed and supported by IRI, The CoSort Company, an American ISV renown for high performance data manipulation since 1978. Profitable since inception and partnered with leading data security and compliance VARs, system integrators and consultants worldwide like Capgemini, FortifyData, GDPRTech, HIPAAOne (Intraprise), NTT Data and SecureIT Labs. In this way, IRI and its authorized representatives, continue to provide the confidence and personalized service you need to succeed. See this page on the company's recognition in the data classification, governance, and masking markets.