The Protegrity AI Team Edition introduces a modern, container-based approach to data protection built on a microservices architecture. It enables organizations to evaluate how Protegrity’s methods, such as, policy management, anonymization, discovery, and semantic controls, integrate into AI and analytics pipelines.
This is the multi-page printable view of this section. Click here to print.
Overview of Protegrity AI Team Edition
An overview of the Protegrity AI Team Edition.
1 - Architecture and Design Principles
Architecture of AI Teams Edition
Protegrity AI Team Edition delivers core Protegrity capabilities. This includes governance, discovery, protection, privacy, and semantic controls. It is provided in a lightweight, containerized form factor that emphasizes fast deployment, simplified operations, and consistent enforcement of data security policies across environments. It is designed around five engineering goals: ease of deployment, high availability, scalability, extensibility, and maintainability.
| Goal | Implementation Details |
|---|---|
| Ease of Deployment | - OpenTofu templates provision a Kubernetes environment (EKS) with minimal manual intervention. - Helm Charts deploy and configure all components for consistent, reproducible setups. - Because each component runs as a container image, upgrades and patches follow standard CI/CD workflows. |
| High Availability | - Kubernetes manages service health and redundancy automatically. - No Trusted Appliance Cluster (TAC) required. - No external load balancers required. - No manual replication required. |
| Scalability | - The system scales horizontally and vertically through Kubernetes-native scale-up and scale-down mechanisms. - Administrators can adjust resources dynamically as workloads grow or shrink without redeployment. |
| Extensibility | - New capabilities are introduced by adding new container images and Helm configurations. - Allows incremental feature expansion without redesign. |
| Maintainability | - Kubernetes simplifies lifecycle management. - Updating a container image replaces an older version automatically, avoiding downtime and manual patching. |
2 - Protegrity Common Services
Common services offered by Protegrity AI Team Edition
All deployments include a standardized set of common services delivered by a microservices architecture provide routing, security, and audit capabilities for all features and protectors.
| Service | Description |
|---|---|
| Authentication and Authorization | Provides user and service credential validation with role-based access enforcement. |
| Backup and Restore | Creates periodic backup of the cluster and indexes for restoration during Disaster Management. |
| Certificate Management | Manages and validates TLS certificates for inbound and inter-service communication. |
| Common Ingress Controller | The main entry point for all API and service traffic to the cluster. |
| Insight | Provides logging and auditing capabilities using OpenSearch for event storage and Insight Dashboard for visualization and reporting. |
3 - Compatible Features
Services offered by Protegrity AI Team Edition
The various features compatible with Protegrity AI Team Edition are provided here.
* - Available for purchase as an add-on. Can be installed as an individual product.
| Feature | Description |
|---|---|
| Anonymization | Apply statistical privacy models such as k-anonymity, l-diversity, and t-closeness to sensitive datasets. |
| Data Discovery | Automatically identify structured and unstructured sensitive data through pattern matching and machine learning classification. |
| Policy Manager | Define and manage data protection policies that govern tokenization, masking, and anonymization. |
| Protegrity Agent | Intelligent assistant for automated policy creation, data classification recommendations, and guided configuration of protection workflows. |
| Semantic Guardrails | Apply contextual and runtime safeguards to AI and analytics workflows to prevent data leakage or misuse. |
| Synthetic Data | Generate tabular synthetic datasets for development, testing, and AI model validation without exposing real sensitive data. |
Protegrity Protectors
Protegrity AI Team Edition protectors enable organizations to embed data protection directly where data is processed, inside applications, analytics engines, or cloud-native data systems. The protectors use the Workbench for obtaining the policy for processing. The Protegrity Agent is available for creating and working with policies in the Workbench.
Application Protectors
Application protectors provide data protection directly within applications or runtime containers. They are suitable for teams developing secure APIs or microservices that handle sensitive data in languages such as Java, Python, or .NET.
| Name | Description | Part Number |
|---|---|---|
| Application Protector – Java Container | Protects data within Java-based containers, such as OpenShift and EKS. | ApplicationProtector_RHUBI-9-64_x86-64_Generic.K8S.JRE-1.8_10.1 |
| Application Protector – REST Container | Provides REST-based protection services for containerized workloads. | REST_RHUBI-9-64_x86-64_K8S_10.1 |
| Application Protector – Python (Linux) | Protegrity Application Protector for Python environments. | ApplicationProtector_Linux-ALL-64_x86-64_PY-3.11_10.0 |
| Application Protector – Java (Linux) | Standard Java runtime protector. | ApplicationProtector_Linux-ALL-64_x86-64_JRE-1.8-64_10.0 |
| Application Protector – .NET | Protegrity Application Protector for Microsoft .NET applications. | ApplicationProtector_WIN-ALL-64_x86-64_NET-STD-2.0-64_10.0 |
Repository Protectors
Repository protectors allow you to apply data protection directly within persistent data stores, enabling sensitive data to remain protected at rest while still being used for analytics and AI workloads.
These protectors consist of Big Data Protectors for Amazon EMR, Databricks, and CDP Data Hub and Cloud-Native Data Warehouse protectors for analytics environments such as Snowflake, Redshift, and Athena.
| Name | Description | Part Number |
|---|---|---|
| Big Data Protector – Amazon EMR | Provides data protection within Amazon EMR clusters. | BigDataProtector_Linux-ALL-64_x86-64_EMR-7.9-64_10.0 |
| Big Data Protector – Databricks | Enables tokenization and masking for Databricks on AWS. | BigDataProtector_Linux-ALL-64_x86-64_AWS.Databricks-17.3-64_10.0.1 |
| Big Data Protector – CDP Data Hub | Supports Cloudera DataWorks Platform deployments on AWS. | BigDataProtector_Linux-ALL-64_x86-64_AWS.Generic.CDP-Datahub-7.3-64_10.0 |
| Cloud Native Data Warehouse Protector – Snowflake | Integrates with Snowflake for secure, compliant analytics on AWS. | CP_SVRL-ALL-64_x86-64_AWS.Snowflake_4.0 |
| Cloud Native Data Warehouse Protector – Redshift | Provides protection for Amazon Redshift queries and transformations. | CP_SVRL-ALL-64_x86-64_AWS.Redshift_4.0 |
| Cloud Native Data Warehouse Protector – Athena | Applies protection to Amazon Athena query execution. | CP_SVRL-ALL-64_x86-64_AWS.Athena_4.0 |
| Cloud Storage Protector – Amazon S3 | Applies protection for Amazon S3. | CSP-S3_SVRL-ALL-64_x86-64_AWS.S3_2.0 |
Cloud API
The Cloud API protector extends Protegrity protection to AWS serverless and API-based workloads. It is typically used for securing transient data handled by AWS Lambda or similar function-based architectures.
| Name | Description | Part Number |
|---|---|---|
| CloudProtect – Cloud API – AWS | Protegrity CloudProtect using AWS Serverless Functions. | CP_SVRL-ALL-64_x86-64_AWS.API_4.0 |