SOFI

Features

Every decision made so your team ships faster.

SOFI is opinionated about isolation, masking, refresh, and audit. The result is realistic test data that stays inside your security boundary.

VDBs

Provision an isolated database per developer. In seconds.

VDBs are logical databases on private pools. SOFI creates the role, mounts the thin clone, applies masking policy, and returns a usable connection string without a full database copy.

  • Average provisioning time: < 60 seconds
  • 95% smaller storage (incremental snapshots)
  • Configurable TTL (auto-destroy after 24h, 7d, etc.)
  • Automatic pool selection by database type and capacity
VDB documentation
$ sofi vdb create

Masking

50+ native rules. Referential consistency preserved.

DataMasker applies deterministic rules while preserving joins, formats, constraints, and application behavior. Batching keeps large masking jobs predictable.

  • PII detector with no setup (12 locales)
  • FKs and PKs preserved via consistency keys
  • Locale-aware for SSN, ZIP codes, phones
  • Hyperscale: 100M+ rows via Celery chord
Rules catalog
rules/email.yml

Everything in

12 features. One platform.

Virtual Databases (VDBs)

Per-developer thin-clones. Provisioning in < 60s. Shared underlying storage.

Masking · 50+ rules

PII detection, referential consistency, locale-tuned for global data.

Native CDC

WAL (Postgres), binlog (MySQL), LogMiner (Oracle). Sub-second latency.

38+ connectors

Relational, NoSQL, analytics. Drivers managed by the platform.

Private access controls

SSO, RBAC, private routing, scoped approvals, and auditable bypass.

CoW snapshots

Copy-on-write. Incremental snapshots. Instant rollback.

Hyperscale masking

100M+ rows without OOM. 50K-row chunks via Celery chord. Keyset pagination.

Granular RBAC

Roles: admin, developer, viewer, requester. Permissions per scope:action.

Compliance audit

Immutable log of masking, access, and provisioning. Export for auditors.

PII detector

Identifies SSN, email, phone, credit cards, and addresses without setup.

Webhooks + SSO

OIDC/SAML for auth. Webhooks for provisioning and masking events.

API + CLI

REST API and CLI for CI/CD scripts. Native GitHub Actions integration.

Enough features to replace another manual refresh process?

Plan deploymentTalk to sales