1. Overview
  2. Getting Started
  3. Core Concepts

Core Concepts

Core Concepts

Peridot is built around a small set of core objects that define how AI is discovered, monitored, controlled, and audited across your environment.

Understanding these concepts is critical before configuring policies or integrations.

Workspaces

A workspace is the top-level container in Peridot.

It represents a logical boundary for your organization—typically aligned to a company, business unit, or security domain.

All inventory, data flows, policies, incidents, and integrations are scoped to a workspace.

Environments

Environments allow you to separate configurations within a workspace.

Common environments include:

  • Development

  • Staging

  • Production

Each environment can have its own policies, integrations, and controls.

AI Inventory

AI Inventory provides a complete view of AI tools used across your organization.

This includes:

  • External AI tools (e.g., ChatGPT, Claude)

  • Internal AI systems

  • Embedded AI features within SaaS platforms

Inventory distinguishes between:

  • Sanctioned tools (approved)

  • Shadow AI (unsanctioned or unknown usage)

Data Flows

Data Flows track how information moves into and out of AI systems.

This includes:

  • Source systems (files, SaaS, APIs, logs)

  • Destination systems (models, tools, workflows)

  • Context of usage

Data flows are the foundation for understanding risk and enforcing policies.

Applications

Applications represent AI-generated or AI-powered systems operating in your environment.

These may include:

  • Internal tools built with AI

  • Automated workflows

  • Embedded assistants

Peridot tracks these applications to ensure they are visible, governed, and auditable.

Policies

Policies define the rules that control AI behavior.

Examples include:

  • Which models can be used

  • What data can be accessed

  • Which integrations are allowed

  • When approvals are required

Policies are enforced across inventory, data flows, and applications.

Incidents

Incidents represent events that require investigation or response.

Examples include:

  • Sensitive data exposure

  • Unauthorized AI tool usage

  • Policy violations

Incidents can trigger workflows, alerts, and playbooks.

Integrations

Integrations connect Peridot to external systems.

These include:

  • SaaS platforms (Slack, Jira, ServiceNow)

  • Cloud providers (AWS, Azure, GCP)

  • Data stores and APIs

Integrations enable discovery, monitoring, and action.

Auditability

Every action in Peridot is traceable.

This includes:

  • Data access

  • Model usage

  • Policy decisions

  • Workflow execution

Auditability ensures that AI usage can be reviewed, explained, and defended.

What to do next

  • Read How Peridot Works to understand system architecture

  • Start with AI Inventory Overview to begin discovery

Was this article helpful?