Branch your Postgres.
Keep production where it is.

As engineering teams grow, database environments become the bottleneck. Shared staging creates queues and conflicts. Full clones make per-engineer isolation cost-prohibitive. And copying production data for realistic testing exposes PII and PHI across every non-production environment. Xata's copy-on-write branching and built-in anonymization give every engineer an isolated, production-like Postgres instance — without migrating production and without linear cost scaling.

The problem at enterprise scale

Enterprise engineering teams face three compounding problems with database environments. Each one is manageable in isolation. Together, they become a significant drag on developer velocity and a source of compliance risk.

Shared staging creates bottlenecks

A shared staging database is a serialization point. Developers queue for access, overwrite each other's test data, and hold up releases while waiting for the environment to settle. The larger the team, the worse the contention. At 75+ engineers, a single shared staging database becomes the bottleneck for the entire release process.

Full-clone environments cost 1:1

The natural solution is per-engineer isolation, but a full copy of production for each developer means storage and compute cost scales directly with headcount. At 5 TB with 75 engineers, that is over $100K per month in database infrastructure alone — before accounting for the operational overhead of keeping 75 environments current and consistent.

Production data in dev environments

Engineering teams copy production data for realistic testing because seed files don't reflect real data distributions, edge cases, or query plans. But every copy is a compliance event. PII and PHI spread across non-production environments with every refresh. Manual scrubbing is error-prone and doesn't scale. Compliance risk compounds with every engineer and every copy.

How Xata solves it

Xata addresses all three problems simultaneously. Copy-on-write branching makes per-engineer isolation economical. Anonymization during replication eliminates PII from non-production environments before branches are ever created. And logical replication means production stays exactly where it is.

Copy-on-write branching

Branches share the source database's storage and only store the deltas — the writes that diverge from the source. 200 branches of a 5 TB database do not cost 1,000 TB. They cost 5 TB plus the changes each branch makes. Scale-to-zero compute means idle branches consume nothing. You only pay when a branch is actively serving queries.

Built-in anonymization

Anonymization is applied during replication, before branches are created. Developers work with production-like data — real schemas, real relationships, real distributions — without ever seeing raw customer data. The anonymization range covers basic column masking and hashing through to HIPAA Expert Determination with k-member microaggregation. The compliance boundary is built into the data layer, not bolted on by the application.

BYOC deployment

Data stays in your cloud account — AWS, GCP, or Azure. Xata manages the platform; you keep data sovereignty and can apply your existing security controls, audit tooling, and network policies. You also keep your negotiated cloud discounts, which matters at enterprise scale.

Zero-downtime schema changes

pgroll serves old and new schema versions in parallel during migrations. Applications reading the old schema continue to work while the new schema is being deployed. Rolling upgrades happen without downtime and without complex orchestration. Roll forward or back at any point in the process.

The business case

For an enterprise with 300 engineers running a 10 TB HIPAA-regulated Postgres, the current state is typically around $133K per month: 50 shared replicas, manual PII scrubbing, and PHI exposure risk across every environment. With Xata, the same team runs 30,000 isolated branches with automated HIPAA-grade anonymization and zero PHI exposure — at around $60K per month. That is a 55% infrastructure cost reduction, with compliance risk eliminated rather than managed. See pricing details.

From evaluation to production

Adoption follows a straightforward sequence. First, point Xata at your existing RDS, Aurora, Cloud SQL, or self-hosted Postgres instance — no data migration, no downtime, no changes to production. Second, define your anonymization rules: which columns to mask, hash, fake, or anonymize via microaggregation. Rules are applied during replication to the staging replica.

From there, developers create copy-on-write branches from the anonymized replica on demand. Each branch is a fully isolated Postgres instance with production-like data. CI/CD integration automates the lifecycle: branches spin up per pull request, tests execute against real data shapes and distributions, branches tear down when the run completes. Scale-to-zero keeps idle cost at zero.

Schema changes are deployed using pgroll, which handles dual-version schema serving so migrations apply without downtime — on branches first, then on production when ready.

Enterprise requirements

Xata supports the compliance and operational requirements enterprise teams carry into infrastructure decisions. Available today: HIPAA-grade anonymization, BYOC deployment on AWS/GCP/Azure, SSO and SAML, role-based access control, priority support with SLA, and audit logging. Multi-region deployment is available on the Enterprise plan. SOC 2 Type II certification is in progress.

How we compare

vs Neon: Neon requires migrating your production database to their platform and runs a custom Postgres fork. Xata connects to your existing Postgres via logical replication, runs vanilla Postgres, and supports BYOC deployment so data never leaves your cloud account. Full comparison.

vs traditional cloning:Full database clones scale linearly. 20 clones of a 5 TB database cost 100 TB. Xata's copy-on-write branches share storage, so 20 branches cost 5 TB plus deltas. Scale-to-zero means idle branches consume zero compute.