Privacera has announced that it has open-sourced its GenAI governance solution, Privacera AI Governance (PAIG). It is now called PAIG OSS and is free to download from the company’s GitHub repository. The company hasn’t said how this will sit with the paid-for version.
Balaji Ganesan, CEO and Co-Founder of Privacera said, “Open-source frameworks like PAIG OSS are vital for the future of GenAI because they embody the principles of transparency, collaboration, and inclusivity.
“By standardizing on open APIs and fostering a community-driven approach, we not only accelerate innovation but also ensure that the development of GenAI aligns with ethical standards and diverse perspectives.
“API governance and data leadership are crucial for building trust in AI systems and making them more resilient, secure, and adaptable to the evolving needs of businesses and society.”
Who is Privacera?
Founded in 2016 by the creators of Apache Ranger, Privacera is focused on the challenge of AI and data security governance. It attracted $13.5 million in a Series A funding in 2020 and a further $50 million in a Series B round in 2021. Since then, the company has been self-funding through customer growth.
PAIG was released to general availability in October 2023. The company announced it would focus on the AI application lifecycle from initial data discovery to fine-tuning and the expansion using RAG. It also provides continuous monitoring of AI Governance through the use of audit trails. PAIG also has an SDK that can be integrated into existing GenAI applications and LLMs.
Since that launch, Privacera has announced that PAIG has been integrated with AWS to provide security for foundational models used for GenAI. It uses Amazon Bedrock and Amazon SageMaker.
The company has also announced two updates for PAIG. The first, in April, was new access control and fine-grained data filtering functionality for Vector BD/RAG. The second, in July, was a private preview of Posture Manager. Since then, there has been no announcement of when Posture Manager will be generally available in PAIG.
Key Features of PAIG OSS
Privacera lists the key features of PAIG OSS as:
- Extensibility: Seamless integration with a wide range of Large Language Models (LLMs), Vector Databases (VectorDBs), orchestrators, and other AI tools.
- Security and Safety: Privacera implements best practices and recommendations from leading security frameworks, including NIST and OWASP. It also announced it was SOC 2 compliant, a key element for governance.
- Flexibility: PAIG OSS allows users to integrate new tools and solutions without needing to rewrite their applications.
- Observability: Organizations can monitor all invocations to LLMs and Retrieval-Augmented Generation (RAG) systems. This reduces the risk of data leakage and enhances data security.
- Future-Proofing: Continuously updated to include the latest security and safety solutions.
- User-Focus: PAIG OSS provides a robust framework incorporating the best available point solutions, allowing developers to concentrate on their core use cases.
Enterprise Times: What does this mean?
This announcement creates some uncertainty. At present, customers can sign up for a 30-day trial of PAIG. However, the website doesn’t give details of pricing or the benefits of a paid-for version.
There is a comparison to Immuta, a product that Privacera sees as PAIG’s main competitor. However, that is more about feature mapping than a detailed list of what is in the paid-for product.
It opens up several questions for customers. How far ahead of the paid-for version is PAIG OSS? It is typical for the free version of any open-source project to have early access to technology that may not be production-ready. What support is there for PAIG OSS? Most open-source solutions rely on community support, but customers will be interested in how they can buy access to support.
Privacera’s partners will also want to know how this will affect them. What version will they be building on? Can they white-label PAIG OSS as part of their solution? Particular interest will be on the issue of connectors. Will they be available in PAIG OSS, or will customers be able to buy them without going through partners?
Community support appears to be a mix of downloads via GitHub and a Discord channel that only went live a couple of days ago. It will be interesting to see how quickly it grows. There are currently just 41 members but the announcement should help to drive people there. One benefit of a community channel is add-ons such as additional integrations, but there doesn’t seem to be a place for this at the moment.
Privacera is following a well-trodden path for open-source companies by offering a paid-for and free version of its solution. However, it needs to provide more information about the differences as soon as possible.
Hi Ian, thank you for the writeup on PAIG Open Source. You correctly point out this is a fairly new project and we are just starting out on this journey. Our founders (Balaji Ganesan and Don Bosco Durai) are very familiar with this journey, having done that at Hortonworks when their company XASecure was acquired and became Apache Ranger and then they also developed Apache Atlas. Some reading from Balaji: https://www.linkedin.com/pulse/announcing-paig-open-source-initiative-ai-security-balaji-ganesan-9yxpc/?trackingId=uKDeLBv6TliJT7OcvPQXTQ%3D%3D
You raise some important questions and I might have just been a little late on getting my website updates pushed live. There is a section on this page (https://privacera.com/products/ai-governance/) showing the differences. I do not seem to be able to add the table into this comment.
The short version is that it is pretty much the same product with the same core capabilities. The differences are on our managed service side (SAAS). So we handle the multi-tenant stuff, support, high availability etc.
Pricing for our paid version starts at around $20k per year for 100 users and 3k queries/ questions per month per user. That said, we have a free trial as well if folks just want to get their hands dirty. https://na.privacera.ai