DecisionBox Enterprise

Product Introduction

1. Definition: DecisionBox Enterprise is an autonomous AI discovery engine and SQL agent designed for large-scale data warehouses. It functions as a self-hosted platform that automates the extraction of business insights by writing, validating, and executing SQL queries directly against internal data infrastructure. Technically, it is a plugin-based architecture built on an open-source AGPL v3 core, allowing organizations to deploy private, air-gapped LLMs (Large Language Models) via Ollama or Kubernetes-based orchestration.

2. Core Value Proposition: The platform exists to eliminate the "exploratory backlog" in data teams while maintaining absolute data sovereignty. By utilizing a "zero outbound call" architecture, DecisionBox Enterprise enables organizations in highly regulated industries—such as finance, healthcare, and government—to leverage generative AI for data analysis without exposing sensitive information to third-party SaaS providers. Its primary value lies in its ability to deliver severity-ranked, validated insights while enforcing strict three-layer data governance and enterprise-grade security protocols.

Main Features

1. Autonomous AI Discovery Agents with Self-Healing SQL: At the core of the platform are agents that navigate complex database schemas to identify anomalies, trends, and business opportunities. Unlike standard text-to-SQL tools, these agents use a self-healing mechanism where the AI iterates on its own code if a query fails or produces logically inconsistent results. This process is reinforced by "Domain Packs," which provide industry-specific intelligence and semantic context to ensure the SQL generated reflects real-world business logic.

2. Enterprise Identity and Access Management (SSO/RBAC): DecisionBox Enterprise integrates with existing identity providers (IdPs) such as Okta, Microsoft Entra ID, Auth0, and Keycloak via OIDC (OpenID Connect). It enforces granular Role-Based Access Control (RBAC) at the endpoint level using JWT claims. This allows administrators to map IdP claims to internal roles (Viewer, Member, Admin) and ensure multi-tenant isolation, where specific teams or organizations can only access their designated data partitions.

3. Three-Layer Data Governance and Redaction: The platform employs a defense-in-depth approach to data privacy. Layer one involves schema filtering, where specific tables or columns are excluded from the AI's context using glob patterns or regex. Layer two utilizes AI-powered query rewriting (Strict Mode) to prevent the agent from even attempting to access sensitive fields. Layer three provides real-time result redaction, where PII (Personally Identifiable Information) or restricted values are masked or replaced before they reach the user interface.

4. Private LLM Fine-tuning and DPO Pipeline: To increase accuracy, DecisionBox Enterprise includes a training tool that captures every validated query and user feedback (thumbs-up/thumbs-down). This data is converted into Direct Preference Optimization (DPO) pairs to fine-tune open-source models like Llama 3, Mistral, or Qwen. Because the training happens within the customer's VPC (Virtual Private Cloud) using LoRA or QLoRA techniques, the model learns the specific nuances of the organization's schema without data ever leaving the network.

5. Full Audit Logging and Compliance Reporting: Every interaction—from a user login to an AI-generated query—is captured in a centralized audit log. These logs are attributed to specific users and organizations, providing a complete trail for SOC 2, HIPAA, and GDPR compliance. The logs include the original request, the generated SQL, the data governance rules applied, and the final output, ensuring total accountability for all autonomous agent actions.

Problems Solved

1. Data Privacy and Security Risks: Traditional AI data tools require sending schema metadata or actual query results to external APIs (like OpenAI or Anthropic). DecisionBox Enterprise solves this by running fully air-gapped, ensuring zero bytes leave the customer's network, which is critical for organizations with strict data residency requirements.

2. The "Exploratory Backlog" in Data Teams: Data analysts are often overwhelmed by "ad-hoc" requests for basic discovery. DecisionBox solves this by acting as an overnight discovery layer that autonomously flags "at-risk" deals, churn signals, or marketing inefficiencies, allowing human analysts to focus on high-level strategy rather than manual SQL writing.

3. Target Audience:

• Data Engineers and Architects: Seeking to automate discovery without compromising warehouse security.
• CISOs and Compliance Officers: Requiring strict audit trails and data governance over AI deployments.
• Revenue Operations (RevOps) Managers: Needing real-time signals on deal risks and expansion opportunities.
• Product Managers: Looking for automated activation and retention funnel analysis.

4. Use Cases:

• RevOps: Automatically identifying trial users with high activity scores who haven't yet been contacted by sales.
• Marketing: Finding specific cohorts where campaign spend exceeded the return on ad spend (ROAS) across fragmented channels.
• Data Teams: Running automated nightly "sanity checks" on warehouse data to find schema drifts or unexpected null distributions.

Unique Advantages

1. Plugin-Architecture (Zero Fork): Unlike other enterprise software that requires maintaining a separate code branch from the open-source version, DecisionBox Enterprise uses a "zero fork" model. Enterprise features like SSO and Audit Logs are additive plugins that layer on top of the AGPL v3 core. This allows users to upgrade the core engine independently without breaking enterprise-specific configurations.

2. Deterministic Validation: Most AI agents suffer from hallucinations. DecisionBox differentiates itself by validating every finding against the warehouse. A "validated insight" is not just a text summary; it is a finding that has been cross-referenced with actual database results and verified for logical consistency before being presented to the user.

3. Infrastructure-as-Code Deployment: DecisionBox is built for modern DevOps workflows. It provides native Helm charts for Kubernetes and Terraform modules for AWS (EKS) and GCP (GKE). This enables one-click deployments of the entire stack, including the LLM inference engine, the discovery core, and the security layers, within the organization's existing cloud perimeter.

Frequently Asked Questions (FAQ)

1. Can DecisionBox Enterprise run completely offline? Yes. DecisionBox Enterprise is designed for air-gapped environments. By using self-hosted LLMs via Ollama or local inference servers, it performs all SQL generation and data analysis without any outbound internet calls. This makes it suitable for secure government or financial enclaves.

2. How does the platform prevent the AI from seeing PII? The platform uses a three-layer governance strategy. You can classify columns as PII in the configuration, which automatically triggers three actions: the AI is told the column doesn't exist (Exclusion), the SQL is rewritten to avoid those fields (Rewriting), and any leaked values in results are masked (Redaction).

3. Do I need to provide a training dataset for the AI to work? No. DecisionBox comes with "Domain Packs" that provide immediate utility for standard schemas (Salesforce, Zendesk, Stripe, etc.). However, as you use the tool, it captures your specific schema nuances to create a "Golden Dataset" for future fine-tuning, which further improves accuracy over time.

4. Which data warehouses are supported? DecisionBox Enterprise supports all major data warehouses, including Snowflake, BigQuery, Redshift, and PostgreSQL. Because it uses a modular provider system, it can be extended to support any SQL-compliant data source while maintaining the same governance and audit layers.