The challenge
A global technology company with offices, facilities, and personnel across 195 countries needed a security intelligence platform that could answer one question in under a minute: is it safe to send our people there?
The existing answer was manual. Security analysts pulled travel advisories from government websites, cross-referenced against internal incident reports, and produced briefings that were outdated before they were read. The process worked for routine travel reviews. It broke down during fast-moving situations — active civil unrest, sudden regulatory changes, health emergencies — when decisions needed to be made in hours, not days.
The brief was to build something better. Decision-ready intelligence, grounded in multiple official sources, tied directly to the company's own assets and personnel exposure, with confidence levels that reflected what the data actually supported.
The engagement
We embedded with the Global Protective Services team before writing any architecture. The first two weeks were spent understanding how decisions actually got made: who approves travel, what sources they trusted, what made them escalate, and where the current process created friction.
That understanding shaped every design decision that followed.
The data architecture
The platform integrates 41+ live data sources across six intelligence domains:
Government travel advisories — US State Department, UK FCDO, Canadian DFATD, Australian DFAT, and additional national advisory systems. When sources conflict — which they do, particularly for complex geopolitical situations — the system surfaces the disagreement rather than silently averaging it.
Conflict and security events — ACLED political violence data (geocoded events, actor classification, fatality counts), UCDP armed conflict data, and regional security event feeds. Conflict events are separated from global cyber noise to prevent high-volume technical feeds from obscuring operational security signals.
Sanctions and export controls — OFAC, EU Sanctions Map, UN Security Council Consolidated List, UK OFSI, and additional national sanctions authorities. Updated daily, with immediate alerts on additions and removals.
Cyber and infrastructure threats — CISA Known Exploited Vulnerabilities, NVD CVE feeds, vendor security advisories, and CERT/CSIRT intelligence. These run in the background as a country risk factor rather than dominating the primary decision surface.
Public health and humanitarian — WHO disease outbreak notifications, ECDC epidemiological alerts, ReliefWeb crisis data, and GDACS disaster alerts.
Environmental and climate hazards — NASA FIRMS wildfire data, NOAA/NWS emergency alerts, USGS seismic data, and Copernicus emergency mapping.
The scoring model
Each country receives a composite risk score across six dimensions: security, political stability, conflict intensity, public health, natural disaster exposure, and crime. Scores are confidence-qualified — a country with excellent data coverage receives a high-confidence score; a country with stale or missing feeds receives a score with explicit uncertainty bounds.
The confidence layer was the hardest design problem. The temptation is to display a single number that implies precision. The right answer is to show what the number is based on, which feeds contributed, which feeds are stale or missing, and what that means for the reliability of the score.
When a critical feed is offline, the platform flags it immediately in the country panel rather than silently degrading the score. Transparency about data quality is not optional in a system where decisions affect people's physical safety.
The HPE exposure model
The platform's differentiating capability is enterprise asset mapping. Generic country risk scores exist everywhere. What doesn't exist is a platform that ties country risk directly to your specific offices, facilities, active travelers, planned trips, vendors, and supply chain exposure.
Every country brief opens with the enterprise exposure summary first: how many facilities are in-country, how many active travelers are currently there, what vendors operate in the affected region, and who the escalation owner is. The risk score is context for the exposure — not the other way around.
The decision interface
The primary interface is a command center, not a map. The opening view presents an action queue (countries with changed advisories, elevated risk scores, or pending travel decisions), a watchlist, a source health panel, and a countries-requiring-review summary.
The map exists as a supporting visualization. It is not the primary decision surface.
Country briefings produce a deterministic decision card immediately: Go / Watch / Escalate / No-Go, with the policy basis, active constraints, confidence level, and required action. The decision card renders from deterministic logic before AI-generated narrative is complete. A security analyst should never be waiting for an AI brief to know that a Level 4 travel advisory applies.
AI is an expansion layer. It drafts narrative, surfaces implications, and answers follow-up questions. It does not make the decision. Every AI output includes the source table, source timestamps, data gaps, and confidence context.
Country risk reports
The platform generates country-specific risk reports on demand. Each report includes the composite score, confidence breakdown, active government advisories with source attribution, dimension-by-dimension analysis, and required enterprise actions.
Reports have been generated and delivered for operations in Spain, Singapore, China, Germany, and Mexico, among others. The report format is designed to be handed to legal counsel, HR, or the board without translation — each section is written for an executive reader, not a security analyst.
What we learned building this
Deterministic first, generative second. The most important architectural decision was making the decision card render before AI. Intelligence that requires waiting for a language model to produce a verdict creates latency at exactly the wrong moment. Compute the answer from the data. Use AI to explain and expand it.
Source conflicts are information, not noise. When the US State Department and Canadian DFATD disagree on a country's risk level, that disagreement is significant. The correct response is to surface it explicitly with source attribution, not to average it away. Users need to know when the underlying sources disagree.
Exposure beats scores. A country risk score means one thing to a company with no presence there and something entirely different to a company with 200 employees in-country. The platform's value is the connection between risk data and enterprise exposure — and that connection requires knowing the enterprise in detail.
Feed health is as important as feed content. A missing feed is a blind spot, not a neutral baseline. The platform treats offline sources, stale data, and parser errors as risk signals that appear next to the scores they affect.
PurviewX builds enterprise intelligence systems for organizations operating in complex, high-stakes environments. Start a conversation.