Security between Pega Knowledge buddy and the LLM it connects to

Saravanan_M · February 13, 2025, 7:38am

When we query the knowledge buddy with the question on the ingested content, it retrieves the answer from the data chucks from the vector store and prepares the prompt and send that prompt to LLM(OpenAI) and format the answer and shares the response back to us. I am aware of the security of the content that’s maintained within Pega, however would like to know what’s the security mechanism that is being maintained between Pega and External LLMs?

MarijeSchillern · February 13, 2025, 12:17pm

@Saravanan M Below is a GenAI-powered answer.

All generated answers require validation against the provided references (which you can find yourself by searching on docs.pega.com).

Here is a comprehensive overview of the security architecture.

The security implementation operates on multiple layers:

Data Encryption and Transit Security
- All data at rest is encrypted using 256-bit AES encryption
- HTTPS (TLS) is used for secure data transmission between systems
- Secure TLS connectivity can be configured for external REST or SOAP services through Dev Studio
Data Protection Mechanisms
- Prompts and completions are not accessible to other Pega clients
- No data retention in external models - the LLM models used are stateless
- Prompts and completions are never used to improve external models
- Role-based access control ensures only authorized users can manage, view, or use the data
Knowledge Buddy Specific Security
- Secure content ingestion practices protect data during transfer
- REST APIs for content ingestion and querying are secured through access roles
- Layered security approach with multiple security checkpoints:
  - Pega Knowledge articles level
  - Data sources level
  - Data chunks level
  - Knowledge Buddy cases level
Authentication and Access Control
- Robust role-based security at multiple levels
- Access roles define who can create, view, and use data sources
- Ask Buddy auditing cases are generated for monitoring and tracking API usage
- Each interaction is logged for security audit purposes

For more detailed information, you can refer to the following documentation:

@JamesCarstairs if you need to add anything here, feel free to do so.

Conversation		Replies	Views
Can Pega Knowledge Buddy be implemented for an On-prem application without any data going out of the bank system General business-architect , workflow-automation , financial-services , 24-1 , pega-knowledge-buddy	1	117	March 27, 2025
Pega GenAI Knowledge Buddy General lead-system-architect , generative-ai , pega-knowledge-buddy	18	527	July 11, 2024
Do we have any document on how Pega is doing chunks in Knowledge buddy General senior-system-architect , generative-ai , natural-language-processing , consumer-services	1	95	November 18, 2024
Pega GenAI Knowledge Buddy - External Repository General constellation , system-administration , case-management , data-integration , generative-ai , pega-knowledge-buddy , pega-infinity	1	213	July 5, 2024
Knowledge Buddy REST APIs General senior-system-architect , generative-ai , natural-language-processing , other-industry , 24-2	0	650	December 12, 2024

Security between Pega Knowledge buddy and the LLM it connects to

Related topics