Palantir Technologies UK, Ltd.

Palantir Platform: Gotham

Palantir Gotham is an enterprise platform for planning missions and running investigations using disparate data, while maintaining privacy and access controls. The platform also incorporates Palantir Foundry’s capabilities, offering a suite of analytical and operational applications, enabling analysts to produce actionable intelligence based on the full ecosystem of available data.

Features

• Back- and front-end tools for integrating siloed data
• Support for federated data sources with dynamic updates from source
• Multiple tools for investigative analysis across all data
• Single workspace for different analytical workflows (geospatial, network, CDR etc.)
• Ability to automate analysis (e.g., artificial intelligence investigation helper)
• Traceable lineage of all changes to data in the system
• Comprehensive auditing of all user activity
• In-built provisions for protecting data, privacy and civil liberties
• High availability capabilities for maximising system uptime
• Regular updates deliver fixes and new functionality

Benefits

• Easy to use for both technical and non-technical users
• Quickly make connections across massive scale, dispersed datasets
• Plan and conduct missions securely with highly sensitive data
• Enable secure collaboration between individuals, teams and organisations
• Capture insights and discoveries for more efficient future investigations
• Safeguard data in accordance with users' roles and information classification
• Audit data use in accordance with applicable policy and law
• Commercial, off-the-shelf software that can be deployed with minimal configuration
• Fully extensible and interoperable with any legacy systems
• Secure sharing of investigative reports internally and with partner agencies

£66,000 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@palantir.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

801146272055049

Contact

Palantir Technologies UK, Ltd.
+44 203 856 8404
gcloud@palantir.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: The Palantir platform requires regular updates, which typically occur every month. If the platform is blocked from being updated, it will be considered an 'unsupported' version, which Palantir will be unable to support. If a problem (i.e., security or bug issue) is discovered on an 'unsupported' version of the platform, the only course of action will be to upgrade the platform to the latest version.
• System requirements:
  • Windows capable of running provided JRE and JXBrowser software
  • CPU: Intel Core i5
  • RAM: 8 GB
  • Hardware graphics acceleration
  • Disk Space: 2 GB

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Varies based on issue severity.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Varying levels of implementation engineering support services are included in our Capability-Based Licences. For additional support costs, please see the Pricing document. Further information can also be found in the Service Definition Document and our standard form Service Level Agreements (SLAs) can be provided on request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Palantir platform as a commercial software, is intuitive and can be used by technical and non-technical users alike. To help users learn to use the platforms, Palantir can design training plans and training materials based on its proven training curriculum. Curriculums include options for e-learning, and in-application help and support. At a high level, we can provide: (a) in-person, instructor-led training; specific training sessions held at customer locations tailored according to the user profile, specific contract requirements, and project stage; (b) internet webinars; available on a variety of topics, based on ongoing assessments of end user needs, allowing flexible scheduling as well as varying user adoption rates and location; and (c) self-guided learning; self-paced training through our web-based video training application that includes features such as videos and documentation. Additional information available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Palantir can export all existing data in its platform into raw formats. Palantir’s software platforms have been purposefully designed to prevent vendor lock-in. As such, they have an open, pluggable architecture with publicly documented APIs at every tier of the software. All data in the platform can be securely exported in non-proprietary formats for use in other databases or systems. Palantir will work with the customer to determine the best export format(s) for customer datasets and their destination systems. Additional information available on request.
• End-of-contract process: Palantir commits to purge and destroy customer data from any computers, storage devices, and storage media that are to be retained by Palantir after the end of the contract period and the subsequent extraction of customer data (if requested by the customer). This service is included in the price of the contract. Additional information available on request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Palantir platform is accessible on Android and iOS mobile devices. Full functionality will not be available, as not all features will be supported. Further information available on request.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Palantir platform uses a web based GUI for human users.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The Palantir Platform has been tested and is compatible with the following assistive technologies:; ; Screen reader: User interface elements are clearly identified by text that can be made available to third-party assistive technology like screen readers. ; ; Magnification: Palantir can interoperate with assistive technology, such as screen enlargers, for users who are visually impaired. Text and graphics in the application can easily be increased in size. Palantir provides on-screen indication of the current focus (box highlighting, reverse bold, etc.) that moves among interactive interface elements as the input focus changes.; ; Voice-controlled software: Because Palantir does not require user speech as a mode of operation and information retrieval, or require fine motor control or simultaneous actions, it is operable with limited reach and strength and does not require voice-controlled software. Other support services besides voice-controlled software can be used to accommodate the communications needs of end users with disabilities.
• API: Yes
• What users can and can't do using the API: The Palantir platform uses API for third party development and integration with other systems, but this API is not user facing.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: The Palantir platform integrates common data sources (including but not limited to HDFS, JDBC, SQL databases, flat files etc.) out of the box and can be configured to support other source systems or legacy technologies. It is designed it to be modular, configurable and scalable in order to meet the needs of a wide range of organisations.

Scaling

• Independence of resources: The Palantir platform uses DNS routing, gateways and elastic load balancing to ensure availability. Dedicated accounts and virtual resources are used on a per customer basis.

Analytics

• Service usage metrics: Yes
• Metrics types: The Palantir platform provides hundreds of metrics. Some common examples are average session length, drop-off rate, number of logins per user, number of accounts and search speed.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export data from the Palantir platform in a variety of open formats including but not limited to HTML, Microsoft Office (PPT, DOC, XLS) and ArcGIS (SHP) .
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Pxml
  • JSON
  • Parquet in the GUI
  • Standard REST APIs
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • JDBC
  • JSON
  • Flat files
  • HDFS
  • SQL databases

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: The Palantir platform requires communication to be encrypted in transit and supports a variety HTTPS/SSL encryption ciphers for encrypting data in transit that prioritise security but allows for compatibility of browsers. The system prioritises TLS 1.2 256 with PFS. The ciphers can be modified to meet customer requirements.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Customer data lives logically separated inside a platform enrolment. Individual end users, groups of users, and data resources can all be broken down with specific, customer-approved permissions. All traffic to is funnelled through gateway nodes running proxies and web application firewalls. Anomalies and unauthorised traffic are denied and logged at the gateways. Palantir maintains an appropriate segregation of administrative access, host and network-based firewalls, up-to-date industry standard software, full disk encryption, tracking system state and deviations from expected state, and other specific indicators of malicious activity, continually monitoring for and protecting against cyber-attacks, malicious intrusions, and malware.

Availability and resilience

• Guaranteed availability: Level of availability varies depending on the specific project. Our standard form Service Level Agreements (SLAs) can be provided on request.
• Approach to resilience: Information is available on request.
• Outage reporting: Various options available, including email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: The Palantir platform has a role-based access control, which means that only users with appropriate authority can access these features.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman and Company LLC
• ISO/IEC 27001 accreditation date: 29/03/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • FedRamp Moderate
  • ISAE 3000 SOC 2 Type II
  • SSAE18 SOC 2 Type II
  • ISO 27017
  • ISO 27018
  • ISO 9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Palantir's platform has a robust and effective information security program compliant with SSAE18 SOC 2 Type II, ISAE 3000 SOC 2 Type II, FedRamp Moderate, ISO 27001, ISO 27017 and Cyber Essentials. For some specific UK Government requirements, Palantir adheres to the Cabinet Office Security Policy Framework and its derivatives.
• Information security policies and processes: For some specific UK Government requirements, Palantir adheres to the Cabinet Office Security Policy Framework and its derivatives. Further, Palantir's Information Security Program consists of the high-level policies and the standards, guidelines and procedures that support them. Palantir's Information Security policies are written to establish corporate information security intentions which align to ISO/IEC 27001/2, ISO/IEC 27018, NIST 800-53 and TSCP (Trust Service Criteria and Principles) industry accepted Information Security Management Systems (ISMS). The CISO together with the Information Security, Legal and Compliance teams are responsible for overseeing the development, implementation, enforcement and maintenance of all information security policies. Palantir's policies are reviewed annually, or whenever significant changes have been made in the operating or business environment. They are hosted on internal intranet pages and communicated to Palantir personnel during onboarding and through yearly acknowledgment. Additional information available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Palantir's platform follows a continuous deployment methodology enabling security and support engineers to patch, remediate, and upgrade services with little to no downtime or system-wide effects. Palantir’s Change Management Policy sets standards for upgrading capabilities, responding to threats, adhering to laws/regulations and contractual compliance, while limiting impact and ensuring adequate messaging. All changes to systems must be submitted as a “Change Request”. The relevant teams review the request, prioritise and develop a plan for implementation. Changes are tested and authorised users must approve changes in accordance with Palantir policies, with Customers notified of any major changes per agreed upon processes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Palantir’s InfoSec Team operates an industry-standard vulnerability management process. This includes vulnerability scanning, deployment reporting, third-party penetration testing and monitoring external sources for vulnerabilities. Palantir maintains full-time Application Security (AppSec) and Computer Incident Response Teams (CIRT). The AppSec Team monitors software for security weaknesses. The CIRT is responsible for threat modelling and conducting threat intelligence. Palantir contracts third parties to perform vulnerability and penetration testing at least annually. Findings are prioritised based on criticality, severity, impact and tracked through tickets. Patches and configuration changes are pushed to Palantir Deployment Teams who push these updates to customer solutions using agreed procedures.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The Palantir platform implements a broad spectrum of technical and operational controls that provide protection and detection of cyber-attacks, malicious intrusions and malware. Endpoints are deployed with host-based intrusion detection systems and all network traffic is processed through network-based intrusion detection systems. Anomaly detection occurs through detection, alerting and enrichment strategies implemented by threat intelligence engineers. Alerts are escalated to our Computer Incident Response Team, which provide 24/7 response capabilities across all Palantir assets. The Palantir Information Security Team provides incident detection and response capabilities across the entirety of Palantir's network.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Palantir platform has an incident management process for events that may affect the security, availability or confidentiality of Palantir systems. This process specifies courses of action, procedures for notification, escalation, mitigation and documentation. The policy is available to all employees. To help ensure timely resolution of incidents, the Incident Response Team is available 24/7 to employees and customers. When an infosec incident occurs, staff respond by logging and prioritising the incident according to severity. Events that directly impact customers receive the highest priority. An individual/team is dedicated to remediating the problem, enlisting the help of product/subject experts as appropriate.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: MoDNet

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Palantir is committed to fighting climate change through effective stewardship of the environment. Palantir recognises the threat posed to our civilisation by unchecked climate change, and commit to play our part by conducting our company operations sustainably and by supporting our customers’ efforts to do likewise. We project that our carbon emissions will decrease to 3,790 tCO2e or lower by 2025. We are working with the Science-Based Targets Initiative (SBTi) to make our commitment public, align with best-in-class standards for climate pledges, and help keep us on track as we work towards Net Zero. As part of this we: (a) seek to reduce emissions across Scopes 1, 2, and 3; (b) will offset any remaining emissions, where reducing emissions is not possible today; and (c) will report updates, review our actions and publish our progress on an annual basis. We have already rolled-out the following initiatives to fight climate change. (1) The Foundry Carbon Module, which provides an enterprise-wide picture of our largest emissions sources including electricity usage, business travel, and compute power. This includes the most granular available emissions factors that are automatically recomputed as new data is ingested. (2) Partnering with leading organisations pursuing Net Zero efforts. We have partnered with some of the world’s leading organisations to decarbonise the global materials supply chain, power renewable energy, and accelerate the roll-out of e-mobility (EV networks and air travel). (3) Reducing carbon impact of travel through following green travel plans on projects. (4) Influencing sustainable behaviour in our employees through a sustainable behavioural change and education platform where employees can gain rewards for reducing their carbon footprint, learn how to be more sustainable and participate in sustainable initiatives together.

  Covid-19 recovery

  Palantir is committed to supporting the UK’s COVID-19 Recovery. Since the beginning of the COVID-19 pandemic, our software has played a key role in mitigating the impact of the COVID-19 outbreak across the UK. As an example, our software has been instrumental in helping the NHS manage the COVID-19 response. We see ourselves as contributing to this effort in two ways: (i) through supporting employment, re-training, and return to work initiatives; and (ii) providing secure workplace conditions. We create training opportunities for those who face employment barriers in the wider community by partnering with organisations like The Elephant Group (social mobility charity) and Rewriting the Code, and through initiatives like our data skills bootcamps for Secondary School students. We seek to ensure all opportunities available for people located in deprived areas. We do this by: (a) providing travel and accommodation for all student programmes; (b) removing unnecessary educational qualification requirements from job descriptions; and (c) expanding our list of UK-based target universities. We work with a diverse range of smaller businesses across the UK to increase supply chain resilience. When partnering with organisations on contracts, we actively employ measures to support smaller businesses’ involvement in our consortia. These include requiring no minimum revenue thresholds from our partners/subcontractors and establishing partnership teams to engage with and support smaller businesses throughout a contract’s journey. To support the British startup ecosystem, we have made our software available at reduced rates through our Apollo/Foundry for Builders programmes. Palantir commits to ensuring secure workplace conditions with regards to COVID-19 recovery, including through specialist cleaning and ensuring remote working options are available to all staff, where possible.

  Tackling economic inequality

  Palantir tackles economic inequality by supporting new businesses and offering programmes that teach new skills and provide employment opportunities to underrepresented groups. We support new businesses through our Foundry for Builders programme. Foundry for Builders makes our world class software platforms available to early-stage companies in industries ranging from health to entertainment. The programme allows new and emerging businesses to fully leverage our solutions at speed and at an affordable cost. Our Spring Insight Week, “Launch”, and our internship programme, “Palantir Path”, are designed to reach students who may not have had exposure to technical opportunities before college, especially those from underrepresented groups. It bridges the gap between what’s taught in school and what’s necessary to solve real-world problems, and offers tech industry work experience. Since 2021, on average 50% of our intern class is sourced from the Palantir Path programme annually. Palantir offers scholarships to students from underrepresented groups in Science, Technology, Engineering, and Mathematics (STEM). These scholarships, up to £8,000 each, encourage students to pursue careers in STEM. Since 2010, scholarships worth in excess of £1,000,000 have been awarded through our 3 programmes (Future Fellowship, Women in Tech Scholarship and Global Impact Scholarship) to 187 students from 20 countries. We also offer training opportunities for those in the wider community here in the UK who face barriers to employment. This includes running data skills bootcamps for Secondary School students from underprivileged backgrounds, in partnership with social mobility charities. These programmes lay the foundation for participants to obtain employment in high-growth sectors within the tech industry.

  Equal opportunity

  Palantir is committed to promoting values of diversity, equity, and inclusion at our company, with our clients, and across the broader tech community. We know it takes active effort to build an inclusive and equitable world where all voices are heard, and we’re dedicated to being part of the change. The pay gap is one of the most pervasive barriers to equal opportunity. We tackle inequality in pay by: (i) standardising pay across our entry-level roles to reduce pay gaps; (ii) publishing our UK Gender Pay Gap annually; (iii) mandating unconscious bias training for leads to ensure each employee has access to growth and career progression; and (iv) making anti-discrimination workshops mandatory, including Anti-Harassment Training. The skills gap is another deep-rooted barrier to equal opportunity. We have multiple programmes dedicated to helping people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills, including: (1) our Community Intersections Programme, which works to reduce digital skills gaps for our 9 Affinity Groups for disadvantaged/minority groups; (2) Learning Labs, which provide all members with up-skilling resources, including Microlearning Paths and Self-Guided Modules relevant to careers in cloud-based software and services; (3) Peer Mentorship, which offers mentorship and networking opportunities by pairing individuals with varying seniority levels and roles; (4) Palantir Launch Programme, a Spring Week for students from underrepresented groups in tech; (5) job descriptions which are reviewed for inclusive and neutral language; and (6) internship and scholarship programmes (see “Tackling Economic Inequality” for more details). In addition, we partner with a range of organisations that help connect underrepresented communities in tech with high-paying employment opportunities. These include Rewriting the Code (RTC), BreakLine, National Society of Black Engineers (NSBE), STEMWomen and CodeFirstGirls.

  Wellbeing

  Palantir aims to promote the holistic health and well-being of our employees through our benefits and offerings programs. Parallel to this, we seek to improve community integration by promoting strong, integrated communities. All of our UK-based employees receive the following: (i) mental health support via multiple virtual and in-person offerings, such as fitness subscriptions, guided meditations and 24/7 confidential counselling and therapeutic support service, (ii) stress management resources, including a 24/7 hotline for veterans and their families; (iii) health screenings, on an annual basis as minimum; (iv) child and pet care services, to alleviate the stress of finding these services and support a productive work-life balance; and (v) a ‘take what you need’ time off policy, to ensure each individual employee takes sufficient rest time for their role, which is essential for both their mental health and ability to be productive. We understand that employee well-being also stems from active contribution to causes they believe in. To aid in this endeavour, we also promote community engagement through various volunteering programmes including local garden creation and tree planting; and digital skills education programmes run at our offices to local students from disadvantaged backgrounds, in partnership with the social mobility charity The Elephant Group.

Pricing

• Price: £66,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@palantir.com. Tell them what format you need. It will help if you say what assistive technology you use.