Shroud is a drop-in HTTP API that scrubs PII, PHI and PCI data from arbitrary strings, JSON payloads, and log streams — before they hit your logs, your warehouse, or your LLM prompts. One endpoint, 28 detectors, sub-15 ms p95.
Hand-tuned patterns for 28 categories, validated by Luhn, MRZ, IBAN mod-97 and friends. Handles 85 % of hits at 2 ms/KB. Written in Rust.
A 60 MB distilled BERT catches contextual names, addresses, prescription narratives. 8 ms/KB on L4, 6× on CPU.
Opt-in audit against a larger model for high-stakes payloads. Adds ~180 ms. Off by default.
# pip install shroud from shroud import Client shroud = Client(api_key="sk_live_…") clean = shroud.redact("user@acme.com paid $9,432 with card 4111 1111 1111 1111") # → "[EMAIL] paid [AMOUNT] with card [CARD]"
Type I complete Q1 2026. Type II audit in flight; expected Q4 2026.
Business Associate Agreement available on Team tier and above.
us-east / eu-central / ap-south. Payloads never cross regions.