Trust at Peregrine
In complex, interconnected information ecosystems, failures rarely announce themselves. They accumulate through small, quiet missteps: overly permissive access rules, inconsistent retention enforcement, broken audit trails.
Peregrine has been designed at every level of the platform to empower our customers to eliminate these risks. Our platform is designed so that you can protect your data through the entire life cycle, giving you total ownership and control at all times in a transparent, secure, and compliant ecosystem.
data ownership and access
Full ownership and granular control of your data
data governance
Always be in control of your data
- Ownership: Maintain full ownership and control of your data at all times, with Peregrine never collecting, selling, or repurposing customer information.
- Interoperable: Ensure your data is portable and usable across your ecosystem; Peregrine's commitment to interoperability means that customer data is available to your vendor partners.
- Retention and deletion: Apply retention and deletion rules that you choose to ensure that your data is kept only as long as required.
Purpose-built data policies
Policy-driven protection enforced across the platform
- Projection policies: Define data access rules that determine whether specific fields can be returned in query results, allowing organizations to restrict exposure of sensitive fields while still enabling analytical operations.
- Data usage limitations: Exercise full control over data usage, including whether users can view, search, share or export your data.
- Secure collaboration: Share data securely by enforcing access rules set by the data owner.
Fine-grained access controls
Least-privilege access enforced at every level
- Role- and attribute-based controls (RBAC + ABAC): Enforce least-privilege access by granting role-based permissions and further constraining access using contextual attributes such as IP address and access purpose. Controls can be applied down to the row and field level, including field-level redaction of sensitive data.
- Purpose-bound data sessions: Require explicit, purpose-bound access to sensitive data by enforcing just-in-time justification at the moment of use, with every access logged alongside full contextual metadata for audit and review.
Transparency
Understand your data linkages and monitor access in real time
Semantic ontology
A semantic layer for end-to-end visibility
- Clarity through semantic structure: Unify data across systems into a shared semantic model, the semantic ontology, that makes assets, relationships, and usage understandable and intuitive across the organization.
- Lineage: Understand how data is ingested, transformed, and consumed so organizations can trace how information flows through their data landscape.
- Provenance: Capture where data originates and how it was derived, enabling teams to assess validity and reliability for every data element.
Immutable audit logging
Comprehensive visibility across all data uses
- Immutable records of platform actions: Review detailed audit logs that record user-level actions (e.g., access, exports, transformations) with identity and timestamp metadata, enabling organizations to reconstruct who did what, when, and where.
- Masking and access controls for logs: Control access to log content and visibility to enable security teams and auditors to review historical activity, demonstrate adherence to policies/regulations, and investigate anomalous or unauthorized behavior.
Actionable alerting
Proactive monitoring for suspicious and sensitive activity
- Proactive platform monitoring: Use Peregrine's analytics tools to sift through comprehensive audit logs and surface key information, such as new account activations or platform utilization.
- Anomaly detection and alerts: Set push notifications for admins to identify suspicious activities such as privilege escalation, new user activity, or suspicious logins.
Governance, security, and compliance
Unified governance, security, and compliance features deliver enterprise-grade protection with flexible controls
Identity and platform access
Centralized identity enforcement and secure access control
- Identity provider integration: Integrate Peregrine directly with your identity providers, using Single Sign-On (SSO) to ensure that user identities are managed within the customer's own authoritative systems.
- Multi-Factor authentication (MFA): Enforce strong authentication controls by always requiring Multi-Factor Authentication in non-SSO environments.
- Network-level security: Restrict platform access via network policies to provide stronger security guarantees.
Compliant and secure
Verified controls for regulated environments
- Regulatory alignment: Built-in data protection and governance capabilities help organizations meet global privacy and security standards by enforcing lawful, purpose-based use of sensitive information.
- Secure and compliant cloud operations: Hosted within FedRAMP-authorized compliant cloud regions designed to host sensitive and controlled government workloads with high security and data sovereignty controls.
- Compliant with security regulation: Peregrine undergoes annual audits to ensure data is always secure, confidential, and private according to SOC 2 Type II protocols.
- Encrypted at rest and in transit: Your data is protected from unauthorized access or interception, using FIPS 140-2 and 140-3 compliant cryptographic modules that meet the security standards required by highly regulated environments.
Data sovereignty
Clear ownership and jurisdictional control
- Sovereignty: Keep data securely stored and processed within approved domestic jurisdictions, helping international, federal, state, and local organizations meet data residency requirements.
Responsible AI
Built-in governance to ensure AI systems are trustworthy, auditable, and human-centered
AI ethics by design
Responsible AI embedded across the system lifecycle
- Data privacy as a foundation: AI models are not trained on customer data, ensuring proprietary and sensitive information remains isolated, protected, and never leaves your secure environment.
- Resilient and secure agent design: Ensure reliability through controlled deployment processes, including versioning, rollback mechanisms, and continuous monitoring, while strictly enforcing security boundaries so AI systems respect access controls, data sensitivity, and jurisdictional requirements.
- System-level evaluation: AI systems are assessed holistically, including data pipelines, models, interfaces, and human workflows, so that ethical considerations are applied to real-world operational use.
Verifiable AI
AI that is controlled, explainable, and rigorously sourced
- Controlled AI access: Granular permissions define who can build, modify, enable, and use AI-driven workflows. AI workflows must be enabled by the customer and all AI outputs are clearly labeled.
- Interpretable outputs: AI product features are designed to avoid opaque “black box” behavior, providing visibility into reasoning, tool orchestration, and supporting evidence so users can understand and verify all outputs.
- End-to-end provenance: AI outputs have comprehensive lineage to show reasoning and cite data sources, with links back to underlying evidence for verification by users.
Human-centered deployment
AI that complements human judgment to operate responsibly
- Human-in-the-loop safeguards: Critical decisions remain under human control with Peregrine's AI workflow tools acting in an assistive capacity only; AI tools are designed to complement human tactical investigative decisions.
- Context-aware presentation: AI outputs align with business and operational context, relying on a shared semantic ontology so users can make informed decisions about implications, tradeoffs, and downstream effects before acting.
- Deterministic guardrails: Constrain AI behavior where precision is required by enforcing defined business logic and policy-driven rules, so that outputs remain predictable, auditable, and aligned with operational intent.
Trust is in the details
Talk to our team about how Peregrine's controls map to your requirements
Speak to an expert