> Latest Article: Cryptographic Failures is now #2 on the OWASP Top 10

The safest place for
Personal Identifying Information

With CipherStash you can make your PII encrypted, searchable and safe.
Stop data breaches and data spills; reduce the cost of compliance.

Join the wait list
Watch the video

1. Create

Define a collection schema that tells CipherStash how to make your data searchable. Then run a command create the collection.

2. Import

Import some data from a JSON file using stash import.

3. Query

Query a collection using the StashJS query API.

  "name": "movies",
  "type": {
    "title": "string",
    "runningTime": "string",
    "year": "number"
  "indices": {
    "exactTitle": { "kind": "exact", "field": "title" },
    "runningTime": { "kind": "range", "field": "runningTime" },
    "year": { "kind": "range", "field": "year" },
    "title": {
      "kind": "fullText",
      "fields": ["title"],
      "tokenFilters": [
        { "kind": "downcase" },
        { "kind": "ngram", "tokenLength": 3 }
      "tokenizer": { "kind": "standard" }

Keeping PII secure is hard

“Cryptographic Failures” is now #2 on OWASP top 10

The correct use of Encryption is one of the best ways to protect sensitive data like PII ...but applying cryptography correctly is harder than it sounds. So much so, that OWASP now lists cryptographic failures as number #2 on their list of top #10 Web Application Security risks.

$180 *

The average cost of a
single breached
user record

Data encryption reduces average cost of breach by $1M+

Data breaches can have devastating costs. On average, every leaked record costs companies $180 in incident response and reputational damages. Correct use of encryption reduces the cost of a data breach by over 25%.


Average cost of
data breaches for organisations
with high use of encryption


Average cost of
data breaches for organisations
with no/low use of encryption

Your PII isn't as secure as you think it is

Find out whySource: IBM Cost of a Data Breach Report 2021

Don't choose between protecting your data and making it useful

Until now, encrypting data stored in the database just wasn't practical — so, most data isn't fully encrypted.

Without CipherStash

Encrypt or query? Pick one.

Row-level encryption means traditional database queries are no longer possible.

Full disk encryption isn't enough

Encryption “at rest” doesn't protect data against common attacks. Read our blog post to learn why.

Protecting data slows teams down

Dev teams need access to data to test, fix bugs and build features. But using production data is risky and “scrubbing” or “anonymisation” techniques rarely work the way we expect.

With CipherStash

Searchable Encryption

CipherStash keeps data encrypted at all times while remaining searchable.

True end-to-end encryption

CipherStash never sees unencrypted data. Plus, you control the encryption keys.

Production like data without the pain

By moving sensitive data into CipherStash, your production database becomes inert!. Team members can use production snapshots locally and let CipherStash manage PII.

A screenshot of a terminal showing a query to the database taking only 0.016 seconds

Blazing fast performance

CipherStash can execute queries over millions of records in milliseconds. Performance is similar to a traditional database!

  • Typical query response time < 100ms
  • Scales to hundreds of millions of records
a screenshot showing a database query returning a full set of data in proxy mode

Never scrub your data again

Now you can do away with data scubbing, data generators and fakers. Because PII has been removed, production snapshots can be used safely on your local machine. CipherStash can be used in proxy mode to fake data on demand!

  • Store your PII in CipherStash
  • Keep the rest of your data where it is now
We've done the hard work to make searchable encryption easyFind out how CipherStash works for you

Private spaces to get you
production ready

Coming in Q1 2022 to AWS

Our managed private spaces give you the control over your data without the hassle. We take care of the hard stuff but never see any of your data.

BYO encryption keys

We make it easy to use your own keys with Amazon's Key Management Service.

VPC Peering

Access CipherStash directly inside your own Virtual Private Network.

High Availability

Multi-region support and replication.

Advanced backups

Flexible backup and restore to meet your Service Level Objectives.