AI Enrichment & Transformer Processing

Overview

RapidRisk provides an optional AI enrichment system designed to assist engineering teams with incident interpretation, anomaly contextualisation, and remediation guidance.

The core RapidRisk platform — including downstream error correlation, deployment tracking, infrastructure event analysis, and incident timeline construction — operates independently of any external AI provider.

AI enrichment is an optional feature that customers may enable selectively on a per-service or per-environment basis.

Purpose of AI Enrichment

When enabled, transformer-based large language models (LLMs) are used to:

• infer probable root causes,
• summarise correlated infrastructure events,
• identify likely deployment relationships,
• generate remediation suggestions,
• and provide operational context around incidents.

The enrichment layer is intended to accelerate investigation workflows, not replace operator judgement.

Data Minimisation Philosophy

RapidRisk is designed around structural operational intelligence rather than raw application visibility.

The enrichment pipeline is intentionally restricted to metadata and inferred operational patterns rather than customer transaction payloads or full log streams.

Where possible, RapidRisk converts incidents into abstracted causal descriptions before enrichment occurs.

What RapidRisk Processes for Enrichment

Depending on customer configuration, the enrichment system may process:

• deployment identifiers,
• Kubernetes event types,
• infrastructure metadata,
• service names,
• metric deviations,
• aggregate latency changes,
• anomaly classifications,
• error categories,
• dependency relationships,
• and incident timeline metadata.

This information is used to construct a structured operational summary for transformer inference.

Pre-Processing & Sanitisation

Before any enrichment request is transmitted to an external AI provider, RapidRisk applies a sanitisation and reduction pipeline within the customer-controlled environment.

This process attempts to remove or redact:

• personally identifiable information (PII),
• payment or financial identifiers,
• authentication material,
• internal hostnames and network addresses,
• source-code file paths,
• raw stack traces,
• and log content matching known sensitive-data patterns.

The enrichment workflow is designed to minimise exposure of customer operational data while preserving enough structural context for meaningful inference.

Example Enrichment Payload

A typical transformer prompt may resemble:

The payload is intended to describe operational causation patterns rather than expose raw runtime data.

LLM Providers

RapidRisk may integrate with enterprise AI providers including:

• Anthropic Claude
• Google Gemini

Provider selection may vary by deployment model, region, or customer preference.

Under standard enterprise API agreements, submitted data is not used for foundation model training. Customers should independently validate provider terms against their own security, compliance, and regulatory obligations prior to production deployment.

Customer Controls

Customers may:

• disable AI enrichment entirely,
• restrict enrichment to selected services,
• exclude specific environments,
• define enrichment eligibility policies,
• or disable enrichment for regulated workloads.

The core RapidRisk incident correlation engine remains operational without AI enrichment enabled.

Data Retention

RapidRisk stores generated enrichment summaries as part of incident metadata within the customer’s RapidRisk environment.

Operational enrichment data is not intended to be persistently stored by the external AI provider as part of the enrichment workflow.