Skip to content

Core concepts

Opaque provides a secure environment for working with sensitive data—enabling teams to collaborate, analyze, and contribute to AI workflows without ever exposing raw data. As a user, you work within a workspace: an isolated, protected environment dedicated to a specific task or stage in your organization’s broader data or AI pipeline.

Opaque workflow

Overview of the Opaque workflow.

Workspaces

Each workspace supports a focused workflow. For example, one team may format incoming datasets, while another trains models, investigates outcomes, or builds AI agents to answer domain-specific questions—all operating independently within their own secure environment. Opaque supports both analytics and ML workspaces, where users develop code-based jobs over encrypted data, and agentic AI workspaces, where autonomous workflows are powered by agents and large language models. This separation helps enforce data access boundaries while supporting collaboration across teams. Depending on your AI workflow, you can have as many workspaces as you need.

Data

When data is brought into an analytics and ML workspace, it is encrypted immediately and remains protected throughout its lifecycle—including during processing. At the same time, Opaque automatically generates synthetic test data: a non-sensitive version of the dataset that retains the same structure and statistical properties but contains no real personally identifiable information (PII). Depending on your workflow, this synthetic data can be used during job development to safely prototype queries, format logic, or test new workflows—without ever accessing the underlying sensitive data.

Jobs

To process data, you create jobs—scripts that analyze or transform encrypted datasets. These can be written in Python (PySpark) or PySpark SQL and developed entirely using synthetic data. This allows you to test and refine jobs collaboratively, without exposing real data. Once reviewed and approved by all workspace members, jobs can be executed on encrypted production data without ever decrypting it. Jobs are created and executed in analytics and ML workspaces.

Workflows

To power agentic tasks, you create AI workflows—autonomous processes designed to accomplish specific goals using agents, data, and large language models. Unlike jobs, which run once and complete, AI workflows remain active until you stop them. This allows agents to monitor data sources, respond to signals, or generate output over time. Workflows are configured using a growing library of modular nodes, which handle logic, data retrieval, and model invocation—all within the boundaries of your workspace’s security and policy framework.

Roles

Access to data and actions within the platform is governed by role-based access control (RBAC). Users are assigned specific roles—such as organization admin, workspace admin, or workspace member—which determine what they can see and do. This ensures that teams only access the workspaces and data they’re authorized to handle, and that sensitive workflows are protected by clearly defined boundaries.

Bringing it all together

Opaque enables secure, multi-team collaboration across every stage of your AI workflow—whether you’re developing code-based jobs or orchestrating autonomous processes with AI agents.

  • Teams work in isolated workspaces tailored to their task: analytics and ML workspaces for data processing and modeling, and agentic AI workspaces for building intelligent, policy-bound workflows.
  • Synthetic data supports safe prototyping and testing, while real data remains encrypted at all times—even during execution.
  • All actions are logged for accountability and compliance.
  • Access is tightly controlled by roles, from organization-wide to workspace-specific.

With Opaque, your organization can unlock insights from sensitive data while maintaining privacy, security, and control at every step.