Integrius Core
Connect once. Use everywhere. Know everything.
Core turns fragmented enterprise data into governed data products: each with an accountable owner, a tamper-evident audit chain, and one stable API endpoint. Served entirely inside your own infrastructure. Air-gap capable. No phone-home. Zero SaaS dependencies.
The Integration Math Is Broken
N sources and M consumers means N times M point-to-point pipelines. Every new system multiplies the mess. Core collapses it to N plus M: each source connects once, each consumer reads governed data products.
Without Core
12 × 9
= 108 pipelines
Twelve sources, nine consumers. Every pair is its own integration to build, secure, and babysit.
With Core
12 + 9
= 21 connections
One unified layer in the middle. Sources connect once. Consumers get stable, governed contracts.
16 Connectors. All Included at Every Tier.
No connector marketplace. No add-on fees. Every connector ships with connection testing, schema discovery, encrypted credentials, and SSRF-aware URL validation.
| Connector | Type | Use Case |
|---|---|---|
| PostgreSQL | Database | Postgres with SSL and custom queries |
| MySQL | Database | MySQL and MariaDB |
| SQL Server | Database | MSSQL with encrypted connections |
| Snowflake | Warehouse | Warehouse access with role assumption |
| BigQuery | Warehouse | Google BigQuery with service account auth |
| Redshift | Warehouse | AWS Redshift with IAM auth |
| MongoDB | NoSQL | MongoDB including Atlas |
| REST API | API | Any HTTP endpoint with auth, pagination, path extraction |
| GraphQL | API | Any GraphQL endpoint with variables |
| Salesforce | SaaS | Standard and custom objects via SOQL |
| Kafka | Streaming | Topics with SASL auth and Schema Registry |
| Amazon S3 | Cloud Storage | CSV, JSON, Parquet from S3 buckets |
| CSV | File | Upload with delimiter and encoding options |
| Excel | File | .xlsx and .xls with sheet and range selection |
| JSON | File | Newline-delimited or array, streaming parse |
| Event Log | Streaming | Replay the platform event stream as a source |
All credentials encrypted at rest with AES-256-GCM. All outbound URLs validated against SSRF attacks.
Data Products, Not Pipelines
A data product is a governed, owned, versioned API over your data. Compose them from one source, many sources, or other data products. Consumers never touch raw schemas again.
Standard Fields
One organization-wide canonical schema. Every source maps into it through governed field mappings with approval workflows. "Revenue" means the same thing everywhere.
Multi-Hop Composition
Compose data products from sources, or from other data products. Entity-keyed joins resolve across systems in real time. Build a customer 360 from a billing product plus a CRM product.
Stable Versioned Contracts
Every data product exposes one stable API endpoint with a versioned contract and an accountable owner. Consumers build against the contract, not the source schema.
Governance That Holds Up in an Inspection
Every action lands in a tamper-evident, hash-chained audit log. An auditor can walk the chain end to end. If anyone tampered, verification fails and points to the exact row.
RBAC: 4 roles, 24 permissions
Four built-in roles and 24 granular permissions. Access is evaluated on every request, down to the field level. No shadow paths around the rules.
21 CFR Part 11 e-signatures
Critical actions require re-authentication and a stated reason. Signatures are chained into the audit log with HMAC or Ed25519, ready for FDA inspection.
Tamper-evident audit chain
Every action lands in a hash-chained audit log, HMAC or Ed25519, with an append-only database trigger. If anything is altered, verification fails and tells you exactly which row broke.
Approval workflows
Field mappings into the canonical schema go through review and approval. Changes to governed definitions are deliberate, attributed, and logged.
GDPR atomic erasure
One endpoint erases a data subject in a single transaction and writes a chained audit row proving it happened. DPA template included.
Accountable ownership
Every data product has a named owner. When a regulator, an auditor, or a new engineer asks "who is responsible for this data?", the platform answers.
Blast Radius. Before You Pull the Trigger.
Every data product knows what it depends on and what depends on it. Change a source schema, remove a field, revoke access: see exactly what breaks before you do it.
Live dependency graph. Blast radius computed in real time. Every upstream and downstream relationship, visualised.
Schema change
See every downstream product affected before you touch the source.
Access revocation
Remove a team from a data product and immediately see which of their workflows break.
Impact analysis
Run the analysis without making a single change. No surprises in production.
Materialization: Fast by Default
Query live across all your sources, or serve streaming pre-computed snapshots. Your choice, per product. Either way, consumers hit one stable endpoint.
<50ms
p95 for materialized data products: streaming pre-computed snapshots
280ms
p50 live-fetch across 10 sources at once, demo scale baseline
Two triggers
Snapshots refresh on a schedule or on events. You decide the freshness contract.
Enterprise Security, Standard
Everything your security review will ask about is already built in. No premium tier for the basics.
TOTP MFA
Time-based one-time passwords for every account
OIDC SSO
OpenID Connect single sign-on
SAML 2.0
Enterprise identity federation
SCIM 2.0
Automated user provisioning and deprovisioning
Scoped API keys
IP allowlists and per-key rate limits
Signed webhooks
Verifiable event delivery to your systems
WebSockets
Realtime updates without polling
Prometheus metrics
First-class observability endpoints
OpenAPI docs
Complete, generated API documentation
AES-256-GCM
All source credentials encrypted at rest
SSRF-aware validation
Every outbound connector URL is validated
1,028 passing tests
Unit, end-to-end, and stress suites
The Compliance Wall
Built for the industries where data governance is the law, not a nice-to-have.
21 CFR Part 11 + ALCOA+
E-signatures, attributable audit chain, pharma data integrity
GDPR
Atomic erasure endpoint, DPA template
HIPAA
Self-hosted, PHI never leaves your network, BAA template
SOX 404
Tamper-evident controls over financial data flows
FISMA / NIST 800-53
Control families mapped for federal deployment
FedRAMP-aligned
Architecture aligned to FedRAMP requirements
ITAR / EAR
Data residency by design: nothing leaves your boundary
SOC 2 / ISO 27001
Controls mapped for your certification audits
Catalogs Govern. Pipelines Move. Core Does Both.
Core is the runtime, not a catalog. Governance and serving in one layer, inside your network.
Collibra, Atlan
Govern your data on paper. They document policies but never serve a byte. The catalog says who should have access; nothing enforces it at the API.
Fivetran, Airbyte
Move your data. They copy rows from A to B but carry no governance with them. Every copy is a new surface to secure and audit.
Integrius Core
Governs and serves. The same layer that enforces RBAC, ownership, and the audit chain is the layer that answers the API call. Policy and runtime are one thing.
Ready to Unify Your Data Layer?
One governed layer between your sources and everyone who needs them. Inside your infrastructure, on your terms.