Coralogix and Skyflow Redefine Privacy for AI-Driven Observability

SAN FRANCISCO & BOSTON – March 20, 2026 – A strategic partnership between observability platform Coralogix and data privacy vault provider Skyflow is set to reshape how organizations handle sensitive data in the age of artificial intelligence. The collaboration introduces a new paradigm for observability, allowing enterprises to protect customer data within logs and telemetry without sacrificing the analytical power needed for modern operations and AI-driven workflows.

For years, engineering and security teams have been caught in a dilemma: either expose sensitive customer data in operational logs to maintain full analytical context, or redact it and lose the ability to effectively debug issues, respond to incidents, and correlate events. This new partnership aims to eliminate that trade-off entirely.

The Observability Dilemma in the AI Era

In today's complex digital landscape, observability—the ability to understand a system's internal state from its external outputs like logs, metrics, and traces—is not just a best practice; it's a business necessity. This data is the lifeblood for Site Reliability Engineers (SREs), security analysts, and developers working to ensure system uptime, performance, and security. However, this critical telemetry is often unavoidably laced with sensitive information, from personally identifiable information (PII) like names and email addresses to financial and health data.

The challenge has been significantly amplified by the rapid integration of artificial intelligence into IT operations, a field expected to grow by nearly $3 billion by 2029. AI-driven observability platforms promise to automate anomaly detection, predict failures, and drastically reduce the time to resolve incidents. But these AI models require rich, high-fidelity data to be effective. Feeding them logs stripped of crucial identifiers cripples their ability to learn and reason, while feeding them raw logs containing PII creates an unacceptable security and compliance risk.

A New Approach Beyond Redaction

Traditional methods for mitigating this risk have relied heavily on redaction or masking, which permanently removes or obscures sensitive values. While this approach prevents exposure, it breaks the very functionality that makes logs useful. Identifiers no longer match across different events, searches for a specific user's activity fail, and the context needed for root cause analysis is lost.

The Coralogix-Skyflow solution takes a fundamentally different path. Instead of destroying the data, it protects it using Skyflow's data privacy vault technology. Sensitive data is intercepted and replaced with format-preserving tokens before it ever enters the Coralogix observability pipeline. This process, built on a foundation of polymorphic encryption, ensures that the token remains consistent for a specific piece of data across all logs, preserving the ability to search and correlate.

“The traditional approach of redaction creates a false trade-off between safety and usefulness,” said Anshu Sharma, CEO of Skyflow, in the announcement. “Once sensitive data is stripped out, teams lose the ability to search effectively, investigate incidents, or let AI agents reason over what actually happened. As a Runtime AI Data Control Platform, Skyflow ensures sensitive customer data stays governed and isolated, while observability data remains fully usable.”

The result is a log stream that is safe by default. The sensitive data itself resides securely within Skyflow's vault, isolated and governed by granular access policies, while the fully functional, tokenized logs flow into Coralogix for analysis.

Unlocking AI and Operational Efficiency

The primary benefit of this approach is the seamless enablement of advanced, AI-driven operations. Coralogix’s platform, which includes its multi-agent AI assistant Olly, can now operate on a complete and contextually rich dataset without the risk of accessing raw sensitive information. AI agents can safely trace a user's journey, identify patterns in tokenized data, and assist in security investigations without ever being exposed to the underlying PII.

“Coralogix customers rely on observability data as a trusted system of record—supporting engineers, security teams, and the growing demands of AI-driven automation,” noted Coralogix CEO Ariel Assaraf. “They shouldn’t have to choose between safeguarding sensitive customer data and maintaining operational efficiency. By partnering with Skyflow, we ensure they can achieve both seamlessly.”

For human operators, the workflow is similarly enhanced. An engineer debugging a critical issue can search for a specific user's activity using the token and see all related events. Only if their role and the immediate context permit, a policy-based workflow can allow for the temporary and audited “rehydration” of a specific piece of data, revealing the original value for a critical, approved task.

Meeting Global Demands for Data Sovereignty

This partnership also delivers a powerful solution for one of the most pressing challenges facing global enterprises: data sovereignty. Regulations like Europe's GDPR, the California Consumer Privacy Act (CCPA), and stringent standards in healthcare (HIPAA) and finance (PCI DSS) impose strict rules on how and where customer data is stored and processed. The legal complexities following rulings like Schrems II have made cross-border data transfers a significant compliance hurdle.

The joint solution directly addresses this. Coralogix already allows customers to deploy their observability workloads in specific geographic regions to meet data residency requirements. By integrating Skyflow—which holds certifications including SOC 2 Type II, ISO 27001, and the coveted PCI DSS Level 1—organizations can ensure sensitive customer data is not only kept within a specific country but is also isolated within a secure vault governed by local policies. This combination of regional deployment and runtime data control allows multinational corporations to maintain full operational visibility across their global infrastructure while rigorously adhering to a patchwork of international data laws, effectively reducing compliance risks without compromising on their observability capabilities.