Bring your own cloud (BYOC) · Private deployment

Your data. Your agent. Your cloud.

The only full analytics platform that runs in your cloud. Data stays with you in open formats. No egress, no lock-in.

AWS · GCP · Azure

Your Kubernetes cluster · Single-tenant
  • API service: single-tenant, isolated to you
  • Lakehouse: scalable storage, blazing-fast queries
  • Job runner: schedule anything, on any cadence
  • Fi, the AI data agent: queries, builds, and automates
§ 01 · Who it's for

AI analytics that runs where your data already lives.

Teams in finance, cyber, and other regulated industries want the AI analyst. The catch is that modern, AI-native tools pull your data into their cloud to do it. Definite runs the analyst where your data already lives, so you do not have to choose between modern and secure.

You cannot put advisor-client conversations or PII in a SaaS analytics tool
Data-residency rules, client PII obligations, vendor-risk policy

Your cloud. Your region. Single-tenant.

You cannot send risk-intelligence data to a third-party SaaS
Vendor-risk review, sensitive threat data

Your data stays in your cloud.

You cannot let analytics data leave your environment
Compliance rules that forbid external egress

No standing inbound. The LLM is reached through a proxy in your network.

§ 02 · Bring your own cloud

One Helm chart onto a cluster you control.

Definite deploys as one Helm chart onto a Kubernetes cluster you control. A Rust CLI (definite) wraps Helm and drives it, but all chart values and manifests are inspectable and exportable via definite export-helm, so teams that run their own infrastructure-as-code pipeline can manage the chart with helm and kubectl directly.

  • Google Cloud (GKE · Cloud SQL · Cloud Storage): Supported
  • AWS (EKS · RDS · S3): Supported
  • Azure (AKS · Azure Database · Blob Storage): Supported
  • Any Kubernetes (Kubernetes 1.28+): Supported · any conformant cluster
Deploy flow · the same CLI handles status, logs, and upgrades
$ definite doctor
Preflight checks: Postgres, Kubernetes, object store, identity provider, LLM
$ definite bootstrap
Ingress, TLS certificates, sandboxing
$ definite init
Stand up the platform
$ definite upgrade
Pull the new chart, migrate, rolling restart, on your timeline
Or have an agent install it for you
agent prompt
Help me set up Definite. Look at https://docs.definite.app/on-prem/agent-setup.md
§ 03 · Control is the product

What runs in your cloud vs what Definite manages.

Everything that touches your data runs inside your environment. Definite ships the release artifacts, not the runtime. That keeps your security review short: the questions that usually stall a vendor (data egress, access paths, lock-in) all have the same answer, your data stays with you.

01
Runs in your cloud
your Kubernetes cluster
  • API service (single-tenant)
  • Frontend web UI
  • Lakehouse compute
  • Job runner and scheduler
  • Fi, the AI data agent, isolated per conversation
02
Yours, never held by Definite
referenced by Definite's software
  • PostgreSQL 15+ (application metadata: users, models, job state)
  • Object store: S3, GCS, or any S3-compatible store (lakehouse data, open Parquet)
  • Your identity provider (SSO via Okta, Microsoft Entra, or Google)
  • Your chosen LLM endpoint (Bedrock, Vertex, Azure OpenAI, or a self-hosted open-source model)
03
Definite manages
release artifacts, not runtime
  • Versioned container images and the Helm chart
  • The definite CLI: preflight, deploy, upgrade, diagnostics
  • New releases on a published cadence; you apply them when you choose
Built so your security review is short
01

Single-tenant, by design. One deployment, one organization. No shared infra, database, or partitioning.

02

No standing access. The deployment runs entirely in your environment and needs no inbound connection from Definite.

03

Your data stays in your cloud. Your data never returns to our servers.

04

No copy of your data. Analytical data sits in your object store as open Parquet; metadata in your Postgres. Definite holds neither.

05

Upgrades on your timeline. Releases ship on a published cadence; you apply them when you choose. Nothing is forced.

§ 04 · What's included

The full platform, shipping today.

Every capability below is built and running in the deployed product today. This is what you get, not a roadmap.

01
Lakehouse & query
  • DuckDB lakehouse on open Parquet, stored in your object store.
  • SQL query API and editor, data-access enforced and every run logged.
  • Data catalog: tables, schema, row preview, activity history.
  • Table freshness and SLA tracking, with maintenance and vector search.
02
Data ingestion
  • Postgres-to-lakehouse sync, incremental and full-refresh.
  • Custom Python ingestion steps.
  • File upload: CSV, Parquet, and JSON.
  • Pre-built integrations with bring-your-own OAuth apps, plus SSH tunnel.
03
Semantic layer
  • Reusable semantic models, defined in YAML and managed over an API.
  • Search across dimensions and measures.
  • SQL can reference your semantic models directly.
04
Automations
  • Automation pipelines that run SQL, Python, data syncs, agent steps, and more.
  • Timezone-aware scheduling and event triggers.
  • Conditional step guards: skip a step when there are no rows, on success, or on a truthy result.
  • Stored, reusable Python scripts.
05
Autonomous monitoring agents
  • Monitors that check your data, decide with an LLM, then take action.
  • Actions range from a Slack message, webhook, or SQL to a full Fi agent run.
  • Alert cooldowns and memory across runs.
06
Fi, the AI data agent
  • Conversational agent that runs in an isolated sandbox per conversation.
  • Deep built-in toolset: SQL, catalog, integrations, docs, memory, and web.
  • Two-layer memory: recent run history plus durable facts about your workspace.
  • Reachable from the web UI, CLI, automation steps, and an MCP server.
07
Data apps & embedding
  • React data apps: build and deploy with the CLI.
  • Embed externally with signed, expiring tokens.
  • Row- and column-level scoping per embed.
08
Auth, permissions, operations
  • App roles (viewer, editor, admin), custom roles, and per-item permissions.
  • Table-level data-access roles, down to schema and table.
  • Full audit log and inbox alerts (failures, SLA breach, schema change).
  • SSO via Okta, Microsoft Entra, and Google, with local auth as a fallback.
09
Web UI
  • Full web UI: Home, Query, Catalog, Fi, Automations, Agents, Integrations, Data Apps, Projects, Inbox, Docs, Settings.
  • In-app product docs and a global command palette.
§ 06 · Sources

Connect every source you already use.

The job runner connects to any source you can reach over an API, so the data you already pull into Definite comes in the same way inside your own cloud. It runs inside your environment, with an integrations framework, Python ingestion steps, and a generic webhook to land anything else.

The deployment ships a growing integration catalog covering the sources below and more. They are examples of what the job runner connects to, not a fixed list.

Salesforce · PostgreSQL · Stripe · HubSpot · Shopify · Snowflake · MySQL · MongoDB · Google Analytics · Segment · NetSuite · and any other API

If you can reach it over an API, the job runner can pull it, all without your data leaving your network.

§ 07 · Bring your own agent

The governed data layer for every agent in your company.

Because Definite already runs in your environment, it is the safe place to point every other AI agent your team adopts. Fi is built in, and Definite also exposes your governed data through an MCP server, so the AI tools your team already uses can reason over your data without that data leaving your network.

01
Any MCP client

Claude, Cursor, and your own internal or custom agents connect over the open Model Context Protocol. One governed layer, many agents.

02
In your environment

Agents reason over your data without it leaving your network.

03
Read-only by design

Agents query and analyze; they do not mutate your data or configuration.

04
Governed and audited

The same data-access roles and audit log that govern your users govern every agent query.

Not just your analytics in your environment, but the trusted layer every AI agent in the company reads from.

§ 09 · FAQ

Questions from security teams, answered.

Definite is SOC 2 Type II. Review the controls report and architecture documentation at trust.definite.app.

Ingestion, storage, query execution, and dashboard rendering all happen inside your environment—analytical data in your object store as open Parquet, application metadata in your Postgres. The one exception is the LLM endpoint you configure for Fi, since its prompts can include query results. Point it at an in-VPC endpoint and nothing leaves your network; choose a cloud-hosted one and that prompt context goes to it under your own data agreements. You control which—for regulated workloads, we recommend in-VPC.
Yes. This is a single-tenant, self-hosted (on-prem) distribution. One deployment equals one organization: no shared infrastructure, no shared database, no multi-tenant partitioning. You are the only tenant.
Nothing. The deployment runs entirely in your environment and requires no inbound connection from Definite. Your data never returns to our servers.
Fi reasons over your data using an LLM you provide credentials for. Fi is designed to send only the prompt context it constructs to the endpoint you chose, not bulk data. Point it at a Bedrock or Vertex endpoint inside your VPC, or a self-hosted model, and nothing leaves your network.
Yes. SSO via Okta, Microsoft Entra, and Google (OIDC). Local Postgres-backed auth is available for initial setup and as a fallback.
Customer-initiated. The definite CLI is the supported upgrade path: definite upgrade pulls the new chart version, sequences database migrations, and performs a rolling restart. You choose when; upgrades are never forced. Your SREs can manage values and manifests with their own tooling; for GitOps pipelines (ArgoCD, Flux), run the migration step as a pre-upgrade hook or a separate job before the chart version rolls forward.
HIPAA fit comes from architecture and a signed BAA. In the private deployment, PHI stays in your environment and Definite holds no copy. If you process PHI, we sign a BAA.
Yes. We complete standard security questionnaires and join calls with your InfoSec or vendor-risk team. The private-deployment model usually shortens these reviews: the highest-risk questions (where does our data go, who can access it) have a one-word answer, yours.

Own your data.

A 30-minute call with our founding team. We will walk your team through the architecture and the economics, complete your security questionnaire, and scope the deployment.

SOC 2 Type II · trust.definite.app