Platform overview

One operating model from source to evidence.

advanexus brings data operations, governed assets, controlled analytics, Python work and available evidence into a shared tenant and project model while keeping each module responsible for its canonical records.

advanexus brings data operations, governed assets, controlled analytics, Python work and available evidence into a shared tenant and project model while keeping each module responsible for its canonical records.
Tenant and Project make scope an execution decision.

Tenant is the organization and data-isolation boundary. Project is membership and execution scope inside it—not a browser display filter. Project selection controls effective roles, database search path and the resources visible to project-scoped modules.

Shared objects make the lifecycle understandable.

Actor, Source, FileVersion, TableVersion, DatasetVersion, ReportVersion, Environment, Run, Artifact, Evidence, Finding, Case and Ticket keep distinct canonical owners. Their explicit relationships are more valuable than one generic activity stream.

Connect and discover.

Register project-scoped Sources, resolve driver capabilities, inspect metadata and use bounded read-only exploration before promoting a result into a durable asset.

Build and validate.

Preserve immutable file versions, inspect content, publish managed table versions, apply Data Quality assertions and retain execution outcomes for implemented Pipeline flows.

Govern and analyze.

Give data definitions stable Dataset identity, pin ReportVersions to exact DatasetVersions and execute Analytics under known permission, RLS and filter context.

Extend with controlled Python.

ANPy connects notebook revisions, environment identity, kernel lifecycle and bounded CellRuns without representing process memory as durable evidence.

Understand, investigate and prove.

Intelligence helps users reason and prepare registered actions; Assurance connects supported records into scoped investigations, findings, cases, integrity states and evidence packages.

Tenant and Project make scope an execution decision.

Tenant is the organization and data-isolation boundary. Project is membership and execution scope inside it—not a browser display filter. Project selection controls effective roles, database search path and the resources visible to project-scoped modules.

Governed provisioning

Project creation aligns the tenant database, creates a marker-owned schema, applies runtime grants and registers the System Sandbox Source before the mapping is published.

Active context

Server-owned session state binds actor, tenant and active Project; protected requests revalidate that context rather than trusting headers or page state.

Explicit exceptions

Assurance is a tenant-wide read model, Service Desk is a tenant-wide queue with optional project context, and Intelligence may use global, project or exact-object scope.

Shared objects make the lifecycle understandable.

Actor, Source, FileVersion, TableVersion, DatasetVersion, ReportVersion, Environment, Run, Artifact, Evidence, Finding, Case and Ticket keep distinct canonical owners. Their explicit relationships are more valuable than one generic activity stream.

Version identifies exact recorded contract state; it does not imply a snapshot of live rows unless the contract says so.

Run identifies one execution attempt and its terminal or partial outcome.

Artifact identifies retained bounded output, profile, diagnostic or export material.

Evidence records what a canonical source can support and leaves missing context visible.

Connect and discover.

Register project-scoped Sources, resolve driver capabilities, inspect metadata and use bounded read-only exploration before promoting a result into a durable asset.

Sources and connector capability contracts

Durable SQL Console workspaces, SavedQueries and QueryExecutions

Immutable Sandbox FileVersions and content-aware preflight

Build and validate.

Preserve immutable file versions, inspect content, publish managed table versions, apply Data Quality assertions and retain execution outcomes for implemented Pipeline flows.

Atomic stable-alias publication after validation

Source-oriented QualityRuns and bounded findings

Persisted query, transfer, delete, quality and Master run outcomes

Govern and analyze.

Give data definitions stable Dataset identity, pin ReportVersions to exact DatasetVersions and execute Analytics under known permission, RLS and filter context.

Dataset contract and immutable version comparison

Multi-binding AnalyticsRuns with per-binding diagnostics

Dashboards that retain individual widget-run outcomes

Extend with controlled Python.

ANPy connects notebook revisions, environment identity, kernel lifecycle and bounded CellRuns without representing process memory as durable evidence.

Understand, investigate and prove.

Intelligence helps users reason and prepare registered actions; Assurance connects supported records into scoped investigations, findings, cases, integrity states and evidence packages.

Identity, onboarding and Settings remain part of the operating model.

Controlled onboarding provisions tenant and project access; Settings manages account, team roles and tenant SAML policy. Authenticated requests require a matching active session registry record, current tenant/user state and server-owned canonical origin.

Enterprise entry

The default controlled path is platform-admin tenant provisioning, forced temporary-password change and explicit Project creation—not assumed public self-registration.

Team access

Current onboarding immediately creates or reuses users and assigns roles; it is not an invitation-email or pending-token lifecycle.

SAML and MFA evidence

SAML metadata/login/ACS, JIT identity linking, domain policy and IdP-asserted MFA evidence are delivered; application TOTP/WebAuthn and complete step-up UI are not.

Session safety

Revoked, expired or mismatched registry state fails closed; password changes, resets and account deletion revoke active sessions.

Service Desk connects operational communication without becoming evidence by assertion.

Tenant users can create and follow bounded support, billing, security, bug, feature and incident tickets. Platform administrators can reply, add internal notes, assign and change status; supported ticket events can be projected into Assurance.

Tenant queue is tenant-wide; project identity is optional context, not the list authorization predicate.

Internal notes remain hidden from tenant templates, while public replies remain part of the tenant thread.

Attachments, SLA automation, email/webhooks, immutable TicketVersion and full ITSM/CMDB behavior are not current capabilities.

Guided tours explain the real product, not a disconnected video.

Shared tour infrastructure can demonstrate SQL Console, Dataset detail and Analytics with synthetic examples, play/pause/next controls and page-like modal surfaces. Tours teach workflow and boundaries; they do not execute tenant actions or replace documentation.

Capability status is part of the product contract.

Available, production-oriented, environment-dependent and planned are different states. A public feature statement never replaces live acceptance on the exact revision and deployment.

Next step

Start with the flow that cannot afford ambiguity.

Bring the systems, owners, rules, delivery obligations and evidence requirements that matter.

Discuss a critical flow