Skip to main content
AnomalyArmor provides visibility into your data infrastructure without accessing your actual data. We connect to your databases, discover your assets, track data quality metrics, use AI to document your catalog, and alert you when something needs attention.
AnomalyArmor architecture showing data sources connecting to discovery, monitoring, and alerting components

Core Architecture

AnomalyArmor operates on a simple principle: metadata only, never your data. We query your database’s information schema to understand structure, not content.

What We Access

We AccessWe Never Access
Table and view namesRow data
Column names and typesActual values
Schema metadataPII or sensitive content
Timestamp columns (for freshness)Business data
Index and constraint definitionsQuery results
This approach means you get full observability with minimal security exposure.

The Data Flow

AnomalyArmor follows a six-stage pipeline from connection to notification:
Flow diagram showing Discovery, Catalog, Detection, and Alert stages

Stage 1: Discovery

When you connect a database, AnomalyArmor runs a discovery job that:
  1. Connects securely using your provided credentials
  2. Queries the information schema (pg_catalog, information_schema, etc.)
  3. Catalogs all tables, views, columns, and their data types
  4. Records the current state as a baseline
Discovery can run on a schedule (hourly, daily) or on-demand. After the initial full discovery, subsequent runs are incremental, only detecting what changed since the last run.

Stage 2: Asset Catalog

Discovered assets are stored in your Asset Catalog, a searchable inventory of everything in your data infrastructure:
  • Tables and Views: With column details, data types, and relationships
  • Metadata: Last updated timestamps, row counts (if available), descriptions
  • History: Full audit trail of every change detected
The catalog becomes your source of truth for understanding what exists across all connected databases.

Stage 3: Change Detection

On each discovery run, AnomalyArmor compares the current state against the previous state to detect:
  • Schema drift: Columns added, removed, renamed, or type-changed
  • New assets: Tables or views that didn’t exist before
  • Removed assets: Tables or views that no longer exist
  • Freshness violations: Data not updated within expected SLA
Each detected change is recorded with timestamp, type, before/after values, and affected asset details.

Stage 4: Data Quality Metrics

Beyond schema monitoring, AnomalyArmor tracks statistical properties of your data:
MetricWhat It Measures
Row countTotal rows in a table
Null percentageMissing values in a column
Distinct countUnique values
Min/max/avgNumeric column statistics
Metrics run on a schedule you configure. AnomalyArmor builds baselines from historical values and detects anomalies when new values fall outside expected ranges.

Stage 5: Intelligence

AnomalyArmor uses AI to help you understand your data catalog:
  • Natural language search: Ask “where is customer data?” instead of clicking through schemas
  • Auto-generated descriptions: Get human-readable documentation for tables and columns
  • Pattern detection: Identify PII, relationships, and naming conventions
Intelligence analyzes your schema metadata only. It never reads actual data values.

Stage 6: Alerting

When changes match your configured alert rules, notifications are sent to your chosen destinations:
  • Slack: Channel messages with rich formatting
  • Email: Detailed reports to individuals or distribution lists
  • PagerDuty: Incidents for on-call escalation
  • Microsoft Teams: Channel notifications
  • Webhooks: Custom integrations with any system
You control which changes trigger alerts and where they go. A dropped column in production might page on-call, while a new table in dev just goes to email.

Security Model

AnomalyArmor uses enterprise-grade security controls:

Query Security

Every SQL query is validated by our open-source Query Gateway before execution:

Credential Storage

  • All credentials encrypted at rest with AES-256
  • Encryption keys managed via AWS KMS
  • Credentials never logged or exposed in UI

Network Security

  • All connections use TLS 1.3 encryption
  • Static IP addresses available for firewall allowlisting
  • Support for VPC peering and Private Link (Enterprise)

Access Control

  • Role-based access control (RBAC) for team members
  • Audit logs for all administrative actions
  • SSO integration (SAML 2.0) available
For detailed security information, see our Security Overview.

Deployment Architecture

AnomalyArmor is a fully managed SaaS platform. There’s nothing to install in your infrastructure.
AnomalyArmor deployment showing customer databases connecting through firewall to fully managed SaaS platform

What Runs Where

ComponentLocationDetails
Discovery jobsAnomalyArmor CloudScheduled or on-demand
Asset catalogAnomalyArmor CloudYour metadata stored securely
Metrics engineAnomalyArmor CloudScheduled metric capture and anomaly detection
IntelligenceAnomalyArmor CloudAI-powered search and documentation
Alert rulesAnomalyArmor CloudConfigured via web UI
Database credentialsAnomalyArmor CloudEncrypted at rest
Your databaseYour infrastructureWe connect outbound to you

Performance Impact

AnomalyArmor is designed for minimal performance impact on your databases:
  • Read-only queries: We only run SELECT on system tables
  • Lightweight queries: Information schema queries, not table scans
  • Configurable scheduling: Run discovery during off-peak hours
  • Connection pooling: Efficient connection management
Typical discovery runs complete in under 60 seconds for databases with up to 1,000 tables.

Next Steps

Now that you understand how AnomalyArmor works, you’re ready to get started:

Quickstart Guide

Connect your first database in under 15 minutes

Core Concepts

Deep dive into assets, discovery, and monitoring