There is a moment familiar to anyone who has ever shipped software. You need to test something against real data - the kind with edge cases, weird names, malformed phone numbers, the one customer in Idaho whose record breaks everything. The safe, sanctioned test dataset is useless because it is too clean. The real production data is perfect because it is real. It also contains other people's Social Security numbers, and copying it into a test environment is, depending on your jurisdiction and your lawyer's mood, somewhere between a bad idea and a federal problem.
Most engineers, at some point, copy it anyway. "Just this once." Tonic.ai is a company built on the premise that "just this once" is a business opportunity worth roughly $56 million in venture funding.
The company, founded in San Francisco in 2018, sells synthetic data. That is the polite term. Its actual social media handle is @tonicfakedata, which tells you the founders decided early that they were not going to be precious about it. The pitch is straightforward and slightly counterintuitive: give Tonic your real database, and it will hand back a version that looks and behaves exactly like the original - same statistical shape, same relationships between tables, same edge cases - but contains none of the actual sensitive values. Realistic enough to build on. Fake enough to email to a contractor.
The founders came from the data-obsessed
The four co-founders - Ian Coe, Karl Hanson, Andrew Colombi, and Adam Kamor - came out of Palantir and Tableau, two companies that think about data in almost opposite ways. Palantir's whole existence is about extracting meaning from enormous, sensitive datasets. Tableau's is about making data legible to humans. Somewhere between "this data is dangerously powerful" and "this data should be easy to use" is the exact problem Tonic decided to solve.
Coe, the CEO, has described the core insight in interviews as a productivity problem disguised as a privacy problem. Engineers are blocked - by compliance, by security, by the sheer risk of handling production data - from the one thing that would let them move fast. The mission statement the company settled on is "unblock innovation with usable data," which is corporate, but the underlying claim is not: the bottleneck in a lot of software development is not talent or tooling, it is that the good data is radioactive.
It is worth pausing on the word "usable," because it is doing quiet work. There are, broadly, two failure modes for test data. One is data that is too safe: hand-rolled fixtures, a dozen fake users named Test McTestface, the sort of dataset that passes every test and then falls over the instant it meets a real customer. The other is data that is too real: a straight copy of production, useful precisely because it is dangerous. Tonic's entire proposition is that you should not have to choose - that there is a third category where the data keeps everything that makes it useful and sheds everything that makes it a liability. Whether that third category exists, in practice, is an engineering question, and the answer is most of the company.
What it actually does
The mechanics matter, because "synthetic data" is easy to say and genuinely hard to do. The difficulty is not generating random plausible-looking rows. Anyone can do that. The difficulty is referential integrity: in a real database, the customer in the orders table has to match the customer in the customers table, whose ZIP code has to be consistent with their address record, whose account age has to make sense against their transactions. Break any of those relationships and the synthetic data stops behaving like real data, which means it stops being useful for the exact testing you built it for.
Tonic's original product, now called Tonic Structural, handles this for relational and NoSQL databases - de-identifying, masking, and subsetting production data while keeping all those relationships intact. Subsetting is its own quiet trick: instead of a 50-terabyte copy of production, you get a coherent slice small enough to run on a laptop, with the foreign keys still pointing where they should.
- Give developers realistic test data without copying production
- Subset a giant database down to a laptop-sized, still-coherent slice
- Strip PII out of documents and chat logs before an LLM ever sees them
- Generate a whole synthetic database from a plain-language request
- Satisfy HIPAA, GDPR, and PCI reviewers with de-identified datasets
Then the ground shifted. The AI boom created a new, enormous appetite for data - not neat rows in a database, but the messy stuff: support tickets, PDFs, contracts, chat logs. The unstructured text where personally identifiable information likes to hide. If you want to train a model or feed a retrieval-augmented generation (RAG) system on your company's documents, you first have to get the secrets out of them. This is tedious, error-prone, and exactly the kind of thing a company that already specializes in finding-and-replacing sensitive data would be good at.
So in 2024 Tonic shipped Tonic Textual, which it billed as a secure "data lakehouse for LLMs." It parses free text in any file format, uses proprietary named-entity-recognition models to detect sensitive information, and then either redacts it or - more cleverly - synthesizes a realistic replacement. Not "[REDACTED]" but a plausible fake name that keeps the sentence's shape and meaning intact, so the downstream model still learns something useful. The same year, it launched Tonic Fabricate, which lets you generate an entire synthetic database by describing what you want in a conversation, and Tonic Validate, a tool for evaluating how good your RAG system actually is across models from Anthropic, Google, Mistral, and others.
Who is buying, and why it's durable
The customer list is a good tell. Comcast, eBay, UnitedHealthcare, Fidelity Investments - companies in finance, healthcare, and telecom, which is to say companies where the data is both the most valuable asset and the most regulated liability. These are organizations where "let's just copy prod" ends careers. Tonic reports more than 100 customers, 10,000-plus developers using the tooling, and, in the kind of stat that is impossible to verify but fun to cite, over 100 petabytes of data processed.
The business model is the boring, good kind: B2B SaaS subscriptions, self-hosted or cloud, sold through the AWS and Microsoft Azure marketplaces, with integrations into places like Snowflake. It competes with Delphix, K2View, IBM Optim, and newer synthetic-data startups like Gretel and Mostly AI. The funding arrived in reasonable steps - an $8M Series A led by GGV Capital, then a $35M Series B led by Insight Partners in September 2021 - rather than the frothy mega-rounds that tend to age badly.
The competitive framing tells you something about where the category is heading. Delphix and IBM Optim come from the old world of "test data management," a discipline that was mostly about moving and masking copies of databases for large IT shops. The newer entrants - Gretel, Mostly AI - come from the machine-learning side, where synthetic data is a way to augment training sets and paper over gaps. Tonic sits, deliberately, in the middle: it started with the developer's test-data problem and then walked toward the AI team's data-preparation problem, which turns out to be the same problem wearing different clothes. In both cases the job is to produce data that is faithful in the ways you need and empty in the ways you fear.
A remote-first company of around 85 people, Tonic keeps offices in San Francisco, Atlanta, New York, Washington, and London - a footprint that maps less to where engineers want to live and more to where regulated industries and government-adjacent buyers cluster. The culture it advertises is unremarkable in the good way: curiosity, responsibility about data, a stated belief that privacy is a right rather than a compliance checkbox. It is the kind of positioning that would be easy to dismiss as branding, except that the product is, functionally, that belief compiled into software.
What makes Tonic interesting is not that it is flashy - it is emphatically not. It sells infrastructure for a problem most people would rather not think about. But the problem is not going away. Every new AI initiative multiplies the demand for data and multiplies the number of places sensitive information can leak. Regulation is tightening, not loosening. The gap between "we have valuable data" and "we are allowed to use it" is the gap Tonic lives in, and that gap is getting wider.
Which is the quietly clever thing about a company called @tonicfakedata. The security industry spends its entire existence trying to prevent fake data from getting into systems. Tonic figured out that the same skill, pointed in the opposite direction, is worth building a company around. The fake data is the product. The realness is the hard part.