Trust at Peregrine
In complex, interconnected information ecosystems, failures rarely announce themselves. They accumulate through small, quiet missteps: overly permissive access rules, inconsistent retention enforcement, broken audit trails.
Peregrine has been designed at every level of the platform to empower our customers to eliminate these risks. Our platform is designed so that you can protect your data through the entire life cycle, giving you total ownership and control at all times in a transparent, secure, and compliant ecosystem.
Data ownership and access
Full ownership and granular control of your data
Data governance
Always be in control of your data
- Ownership: Maintain full ownership and control of your data at all times, with Peregrine never collecting, selling, or repurposing customer information.
- Interoperable: Ensure your data is portable and usable across your ecosystem; Peregrine's commitment to interoperability means that customer data is available to your vendor partners.
- Retention and deletion: Apply retention and deletion rules that you choose to ensure that your data is kept only as long as required.
Purpose-built data policies
Policy-driven protection enforced across the platform
- Projection policies: Define data access rules that determine whether specific fields can be returned in query results, allowing organizations to restrict exposure of sensitive fields while still enabling analytical operations.
- Data usage limitations: Exercise full control over data usage, including whether users can view, search, share or export your data.
- Secure collaboration: Share data securely by enforcing access rules set by the data owner.
Fine-grained access controls
Least-privilege access enforced at every level
- Role- and attribute-based controls (RBAC + ABAC): Enforce least-privilege access by granting role-based permissions and further constraining access using contextual attributes such as IP address and access purpose. Controls can be applied down to the row and field level, including field-level redaction of sensitive data.
- Purpose-bound data sessions: Require explicit, purpose-bound access to sensitive data by enforcing just-in-time justification at the moment of use, with every access logged alongside full contextual metadata for audit and review.
Transparency
Understand your data linkages and monitor access in real time
Semantic ontology
A semantic layer for end-to-end visibility
- Clarity through semantic structure: Unify data across systems into a shared semantic model, the semantic ontology, that makes assets, relationships, and usage understandable and intuitive across the organization.
- Lineage: Understand how data is ingested, transformed, and consumed so organizations can trace how information flows through their data landscape.
- Provenance: Capture where data originates and how it was derived, enabling teams to assess validity and reliability for every data element.
Immutable audit logging
Comprehensive visibility across all data uses
- Immutable records of platform actions: Review detailed audit logs that record user-level actions (e.g., access, exports, transformations) with identity and timestamp metadata, enabling organizations to reconstruct who did what, when, and where.
- Masking and access controls for logs: Control access to log content and visibility to enable security teams and auditors to review historical activity, demonstrate adherence to policies/regulations, and investigate anomalous or unauthorized behavior.
Actionable alerting
Proactive monitoring for suspicious and sensitive activity
- Proactive platform monitoring: Use Peregrine's analytics tools to sift through comprehensive audit logs and surface key information, such as new account activations or platform utilization.
- Anomaly detection and alerts: Set push notifications for admins to identify suspicious activities such as privilege escalation, new user activity, or suspicious logins.
Governance, security, and compliance
Unified governance, security, and compliance features deliver enterprise-grade protection with flexible controls
Identity and platform access
Centralized identity enforcement and secure access control
- Identity provider integration: Integrate Peregrine directly with your identity providers, using Single Sign-On (SSO) to ensure that user identities are managed within the customer's own authoritative systems.
- Multi-factor authentication (MFA): Enforce strong authentication controls by always requiring multi-factor authentication in non-SSO environments.
- Network-level security: Restrict platform access via network policies to provide stronger security guarantees.
Compliant and secure
Verified controls for regulated environments
- Regulatory alignment: Built-in data protection and governance capabilities enforce lawful, purpose-based use of sensitive information, supporting compliance with global privacy and security requirements across public sector and regulated industries.
- FedRAMP High authorized platform: Peregrine is FedRAMP High authorized and operates within AWS GovCloud environments, providing validated security controls, continuous monitoring, and data sovereignty protections required for sensitive government workloads.
- Independently audited and certified: Peregrine maintains a SOC 2 Type II attestation and has successfully completed an ISO 27001 audit with no findings or discrepancies (certification pending issuance). The platform also supports HIPAA and HITRUST compliance requirements for handling protected health information.
- Secure cloud operations: Our architecture is purpose-built for regulated environments, incorporating least-privilege access, strong identity controls, and continuous security monitoring aligned with CJIS, HIPAA, and federal security expectations.
- Modern encryption standards: Data is protected in transit using TLS 1.3 with FIPS 140-3 validated cryptographic modules and AES-256 encryption. Data at rest is encrypted using AES-256 in accordance with FIPS 197 standards, ensuring strong, industry-aligned protection of sensitive information.
Data sovereignty
Clear ownership and jurisdictional control
- Sovereignty: Keep data securely stored and processed within approved domestic jurisdictions, helping international, federal, state, and local organizations meet data residency requirements.
Responsible AI
Built-in governance to ensure AI systems are trustworthy, auditable, and human-centered
AI ethics by design
Responsible AI embedded across the system lifecycle
- Data privacy as a foundation: AI models are not trained on customer data, ensuring proprietary and sensitive information remains isolated, protected, and never leaves your secure environment.
- Resilient and secure agent design: Ensure reliability through controlled deployment processes, including versioning, rollback mechanisms, and continuous monitoring, while strictly enforcing security boundaries so AI systems respect access controls, data sensitivity, and jurisdictional requirements.
- System-level evaluation: AI systems are assessed holistically, including data pipelines, models, interfaces, and human workflows, so that ethical considerations are applied to real-world operational use.
Verifiable AI
AI that is controlled, explainable, and rigorously sourced
- Controlled AI access: Granular permissions define who can build, modify, enable, and use AI-driven workflows. AI workflows must be enabled by the customer and all AI outputs are clearly labeled.
- Interpretable outputs: AI product features are designed to avoid opaque “black box” behavior, providing visibility into reasoning, tool orchestration, and supporting evidence so users can understand and verify all outputs.
- End-to-end provenance: AI outputs have comprehensive lineage to show reasoning and cite data sources, with links back to underlying evidence for verification by users.
Human-centered deployment
AI that complements human judgment to operate responsibly
- Human-in-the-loop safeguards: Critical decisions remain under human control with Peregrine's AI workflow tools acting in an assistive capacity only; AI tools are designed to complement human tactical investigative decisions.
- Context-aware presentation: AI outputs align with business and operational context, relying on a shared semantic ontology so users can make informed decisions about implications, tradeoffs, and downstream effects before acting.
- Deterministic guardrails: Constrain AI behavior where precision is required by enforcing defined business logic and policy-driven rules, so that outputs remain predictable, auditable, and aligned with operational intent.
