Tenant is the organisation and data-isolation boundary. Project is membership and execution scope inside it—not a browser display filter. Project selection controls effective roles, database search path and the resources visible to project-scoped modules.
Platform overview
One operating model from source to evidence.
advanexus brings data operations, governed assets, controlled analytics, Python work and available evidence into a shared tenant and project model while keeping each module responsible for its canonical records.
Actor, Source, FileVersion, TableVersion, DatasetVersion, ReportVersion, Environment, Run, Artifact, Evidence, Finding, Case and Ticket keep distinct canonical owners. Their explicit relationships are more valuable than one generic activity stream.
Register project-scoped Sources, resolve driver capabilities, inspect metadata and use bounded read-only exploration before promoting a result into a durable asset.
Preserve immutable file versions, inspect content, publish managed table versions, apply Data Quality assertions and retain execution outcomes for implemented Pipeline flows.
Give data definitions stable Dataset identity, pin ReportVersions to exact DatasetVersions and execute Analytics under known permission, RLS and filter context.
ANPy connects notebook revisions, environment identity, kernel lifecycle and bounded CellRuns without representing process memory as durable evidence.
Intelligence helps users reason and prepare registered actions; Assurance connects supported records into scoped investigations, findings, cases, integrity states and evidence packages.
Tenant and Project make scope an execution decision.
Tenant is the organisation and data-isolation boundary. Project is membership and execution scope inside it—not a browser display filter. Project selection controls effective roles, database search path and the resources visible to project-scoped modules.
Governed provisioning
Project creation aligns the tenant database, creates a marker-owned schema, applies runtime grants and registers the System Sandbox Source before the mapping is published.
Active context
Server-owned session state binds actor, tenant and active Project; protected requests revalidate that context rather than trusting headers or page state.
Explicit exceptions
Assurance is a tenant-wide read model, Service Desk is a tenant-wide queue with optional project context, and Intelligence may use global, project or exact-object scope.
Connect and discover.
Register project-scoped Sources, resolve driver capabilities, inspect metadata and use bounded read-only exploration before promoting a result into a durable asset.
Sources and connector capability contracts
Durable SQL Console workspaces, SavedQueries and QueryExecutions
Immutable Sandbox FileVersions and content-aware preflight
Build and validate.
Preserve immutable file versions, inspect content, publish managed table versions, apply Data Quality assertions and retain execution outcomes for implemented Pipeline flows.
Atomic stable-alias publication after validation
Source-oriented QualityRuns and bounded findings
Persisted query, transfer, delete, quality and Master run outcomes
Govern and analyse.
Give data definitions stable Dataset identity, pin ReportVersions to exact DatasetVersions and execute Analytics under known permission, RLS and filter context.
Dataset contract and immutable version comparison
Multi-binding AnalyticsRuns with per-binding diagnostics
Dashboards that retain individual widget-run outcomes
Extend with controlled Python.
ANPy connects notebook revisions, environment identity, kernel lifecycle and bounded CellRuns without representing process memory as durable evidence.
Understand, investigate and prove.
Intelligence helps users reason and prepare registered actions; Assurance connects supported records into scoped investigations, findings, cases, integrity states and evidence packages.
Identity, onboarding and Settings remain part of the operating model.
Controlled onboarding provisions tenant and project access; Settings manages account, team roles and tenant SAML policy. Authenticated requests require a matching active session registry record, current tenant/user state and server-owned canonical origin.
Enterprise entry
The default controlled path is platform-admin tenant provisioning, forced temporary-password change and explicit Project creation—not assumed public self-registration.
Team access
Current onboarding immediately creates or reuses users and assigns roles; it is not an invitation-email or pending-token lifecycle.
SAML and MFA evidence
SAML metadata/login/ACS, JIT identity linking, domain policy and IdP-asserted MFA evidence are delivered; application TOTP/WebAuthn and complete step-up UI are not.
Session safety
Revoked, expired or mismatched registry state fails closed; password changes, resets and account deletion revoke active sessions.
Service Desk connects operational communication without becoming evidence by assertion.
Tenant users can create and follow bounded support, billing, security, bug, feature and incident tickets. Platform administrators can reply, add internal notes, assign and change status; supported ticket events can be projected into Assurance.
Tenant queue is tenant-wide; project identity is optional context, not the list authorisation predicate.
Internal notes remain hidden from tenant templates, while public replies remain part of the tenant thread.
Attachments, SLA automation, email/webhooks, immutable TicketVersion and full ITSM/CMDB behaviour are not current capabilities.
Guided tours explain the real product, not a disconnected video.
Shared tour infrastructure can demonstrate SQL Console, Dataset detail and Analytics with synthetic examples, play/pause/next controls and page-like modal surfaces. Tours teach workflow and boundaries; they do not execute tenant actions or replace documentation.
Capability status is part of the product contract.
Available, production-oriented, environment-dependent and planned are different states. A public feature statement never replaces live acceptance on the exact revision and deployment.
Next step
Start with the flow that cannot afford ambiguity.
Bring the systems, owners, rules, delivery obligations and evidence requirements that matter.
Discuss a critical flow