Sold by: 2616 Design
Deployed on AWS
Risdac by 2616 Design is a self-hosted AI redaction platform that detects, masks, and audits PII, secrets, and regulated data before it reaches LLMs, logs, databases, and third-party systems. Policy-driven guardrails cover 50 plus entity types including emails, SSNs, API keys, JWT tokens, and AWS credentials. Deploy as a single Docker container with embedded admin UI, REST API, and background workers. You provide PostgreSQL and Redis; no Kubernetes required. Built for healthcare, finance, legal, and other regulated teams adopting AI with SOC2, HIPAA, GDPR, ISO27001, and PCI-DSS policy packs.
Overview
Organizations adopting AI face a growing risk: sensitive data flowing into large language models, logs, analytics pipelines, and external vendors. Risdac is an enterprise AI redaction platform from 2616 Design that automatically identifies, redacts, and audits regulated and confidential information before it leaves your control.
Risdac is designed for security, platform, and compliance teams in healthcare, financial services, legal, government, and other regulated industries. It runs entirely in your AWS account as a single self-hosted container - no mandatory SaaS callbacks, no separate admin deployment. One image includes the Go backend, embedded React dashboard, REST API, and background workers. You supply Amazon RDS for PostgreSQL and Amazon ElastiCache for Redis.
DETECTION AND REDACTION ENGINE
Risdac goes beyond detect-and-log. Its policy engine applies real transformation -mask, tokenize, or replace - based on org-level rules with allow/deny precedence. Detection combines regex patterns, entropy-based secret scanning, and optional ML adapters for named-entity recognition. Supported entity types include emails, phone numbers, credit cards, SSN, passport and driver license numbers, addresses, medical records, customer IDs, API keys, JWT tokens, AWS credentials, database credentials, and provider API keys (OpenAI, Anthropic, and more). Custom regex rules extend coverage for internal identifiers and proprietary formats.
AI PROTECTION AND GUARDRAILS
Protect AI workflows end to end with prompt sanitization, input filtering, output filtering, and LLM guardrails. Integrations include OpenAI, Anthropic, Gemini, Ollama, Open WebUI, Slack, Microsoft Teams, and generic REST proxies - so teams can adopt AI tools without bypassing security controls.
COMPLIANCE AND AUDIT
Importable policy packs align with SOC2, HIPAA, GDPR, ISO27001, and PCI-DSS requirements. Every redaction decision is written to an immutable audit log with correlation IDs, exportable for compliance reviews and incident response. Role-based access control (owner, admin, member, viewer) is enforced in the API middleware, not just the UI.
OPERATIONS AND DEPLOYMENT
Risdac listens on port 8080 and serves the admin dashboard at /, the API at /api/v1, first-run setup at /setup, and health endpoints at /healthz, /readyz, and /metrics (Prometheus). CloudFormation and Terraform templates provision VPC, RDS, ElastiCache, Secrets Manager, ALB, and ECS Fargate. Docker Compose templates support local and EC2 deployments. OpenAPI documentation is included for automation and integration.
WHY RISDAC
Single container - complete product, no sidecar UI or separate admin host Self-hosted by default - your data stays in your VPC Real redaction, not detection-only Enterprise RBAC, audit trails, and policy packs from day one AWS Marketplace-ready with documented install, runbook, and security guides
Get started at https://2616design.com/products/risdac or https://2616design.com/docs/risdac/getting-started
Highlights
- Detect and redact 50+ entity types - PII, secrets, API keys, JWT tokens, and AWS credentials - with policy-driven mask, tokenize, or replace actions before data reaches LLMs or downstream systems.
- Deploy as a single self-hosted Docker container with embedded admin UI, REST API, workers, and Prometheus metrics. Bring your own PostgreSQL and Redis - no Kubernetes required.
- Deploy as a single self-hosted Docker container with embedded admin UI, REST API, workers, and Prometheus metrics. Bring your own PostgreSQL and Redis - no Kubernetes required.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Risdac on Amazon ECS Fargate
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
Risdac Starter | Annual license for Risdac Starter. Self-hosted AI redaction for pilot and evaluation teams. Includes up to 25 users, 50+ built-in entity detectors, 6 AI provider integrations, embedded admin dashboard, policy management, immutable audit logs, and community support. Deploy as a single Docker container in your AWS account (ECS Fargate, EKS, or EC2). You provide PostgreSQL and Redis. AWS infrastructure costs are billed separately to your account. | $200.00 |
Risdac Business | Annual license for Risdac Business. Production AI redaction for mid-market and enterprise teams. Includes unlimited users, compliance policy pack imports (SOC2, HIPAA, GDPR, ISO27001, PCI-DSS), immutable audit export, AI guardrails for OpenAI/Anthropic/Gemini/Ollama/REST proxies, Prometheus metrics, and priority email support (8x5). Single self-hosted container with embedded UI and API. High-availability deployment supported. AWS infrastructure costs are billed separately. | $500.00 |
Risdac Enterprise | Annual license for Risdac Enterprise. Global rollout with custom SLA, 24x7 dedicated support, SSO/SCIM integration, security review package, dedicated solutions architect, custom detector development, and multi-region deployment assistance. Full Risdac platform: detection, redaction, policy engine, integrations, audit, and embedded dashboard. Self-hosted in your VPC. Contact 2616 Design for private offer pricing and custom terms. | $1,000.00 |
Vendor refund policy
Refunds for Risdac AWS Marketplace subscriptions may be requested within 14 days of initial purchase if the license has not been activated in a production environment. Email support@2616design.com with your AWS account ID, Marketplace subscription ID, and purchase date. 2616 Design will review and respond within 5 business days. Approved refunds are issued per AWS Marketplace refund procedures. Private offers and renewals are non-refundable unless stated in your agreement.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Risdac on Amazon ECS Fargate
Supported services: Learn more
- Amazon ECS
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Risdac 1.0.0 - Initial AWS Marketplace release
New features:
- AI redaction platform with PII and secret detection (50+ entity types)
- Real redaction: mask, tokenize, or replace detected content per policy
- Policy management with compliance pack support (SOC2, HIPAA, GDPR, ISO27001, PCI-DSS)
- Immutable audit log for every redaction decision
- AI guardrails and integrations (OpenAI, Anthropic, Gemini, Ollama, REST proxy)
- Embedded admin dashboard, REST API, and background workers in one container
- Health endpoints: /healthz, /readyz, /metrics (Prometheus)
- OpenAPI spec at /api/v1/openapi.json
Requirements:
- PostgreSQL 16 (Amazon RDS recommended)
- Redis 7 (Amazon ElastiCache recommended)
- Container listens on port 8080
Documentation: https://2616design.com/docs/risdac/getting-started https://2616design.com/docs/risdac/aws-deployment
Additional details
Usage instructions
PREREQUISITES
- VPC with public and private subnets across two Availability Zones
- Amazon RDS PostgreSQL 16 (database name: risdac, sslmode=require)
- Amazon ElastiCache Redis 7 with AUTH and transit encryption
- AWS Secrets Manager for application secrets
- ECS Fargate cluster and Application Load Balancer
REQUIRED SECRETS
Store in AWS Secrets Manager:
- DATABASE_URL (postgres connection string)
- REDIS_URL (redis connection string with auth)
- RISDAC_ENCRYPTION_KEY (32 or more characters)
- RISDAC_JWT_SECRET (16 or more characters)
PULL CONTAINER IMAGE
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com
docker pull 709825985650.dkr.ecr.us-east-1.amazonaws.com/2616-design/risdac:1.0.0
DEPLOY ON ECS FARGATE
- Create an ECS task definition using the image URI above
- Map container port 8080 to the ALB target group
- Inject secrets as environment variables from Secrets Manager
- Run the task in private subnets with outbound NAT
- Point the ALB listener to the service on port 8080
FIRST-RUN SETUP
Open https://your-alb-dns/setup in a browser or call the setup API:
curl -s https://your-alb-dns/api/v1/auth/setup/status
curl -s https://your-alb-dns/api/v1/auth/setup
-H "Content-Type: application/json"
-d '{"email":"admin@example.com ","password":"YourSecurePassword","name":"Admin","org_name":"YourOrg"}'
VERIFY DEPLOYMENT
curl -s https://your-alb-dns/healthz curl -s https://your-alb-dns/readyz
Log in at https://your-alb-dns/ and create a redaction policy. Test redaction:
curl -s https://your-alb-dns/api/v1/redact
-H "Authorization: Bearer YOUR_JWT"
-H "Content-Type: application/json"
-d '{"text":"Contact user@example.com "}'
DOCUMENTATION
Getting started: https://2616design.com/docs/risdac/getting-started AWS deployment: https://2616design.com/docs/risdac/aws-deployment Configuration: https://2616design.com/docs/risdac/configuration API reference: https://2616design.com/docs/risdac/api-reference Support: support@2616design.com
Resources
Vendor resources
Support
Vendor support
2616 Design provides documentation-first support for Risdac on AWS Marketplace.
Documentation (always available):
- Product docs: https://2616design.com/docs/risdac/getting-started
- Installation guide: https://2616design.com/docs/risdac/aws-deployment
- API reference: https://2616design.com/docs/risdac/api-reference
- Architecture: https://2616design.com/docs/risdac/architecture
- Troubleshooting: https://2616design.com/docs/risdac/troubleshooting
Support channels by subscription tier:
- Starter: Documentation and community support via GitHub Issues (best effort)
- Professional: Email support at hello@2616design.com - response within 2 business days
- Enterprise: Dedicated support channel with SLA per agreement
What we help with:
- Initial deployment via CloudFormation, Terraform, or Docker Compose
- Configuration of DATABASE_URL, REDIS_URL, encryption keys, and JWT secrets
- Policy setup, detection rules, and integration configuration
- Health check interpretation (/healthz, /readyz) and Prometheus metrics
- Upgrade guidance between Risdac versions
Security issues: Report vulnerabilities privately to security@2616design.com . Do not file public issues for security bugs.
Infrastructure note: Risdac runs in your AWS account. 2616 Design supports the application layer; RDS, ElastiCache, ECS, and networking are managed in your account per the deployment templates.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.