XML 55 R33.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We recognize the critical importance of maintaining the safety and security of our systems and data and have a comprehensive approach to overseeing and managing cybersecurity and related risks. Our Board of Directors (the “Board”), the Audit Committee of the Board (the “Audit Committee”), and our management are actively involved in the oversight of our risk management program, of which cybersecurity represents an important component. We have established policies, standards, processes, and practices for assessing, identifying, and managing material risks from cybersecurity threats. A key component of this is our standing Security Steering Group (“SSG”), whose members include, among others, our Chief Information Security Officer (“CISO”), Chief Product Officer, and Vice President of Cloud Technology. We have devoted significant financial and personnel resources to implement and maintain security measures to meet regulatory requirements and customer expectations, and we intend to continue to make significant investments to maintain the security of our data and cybersecurity infrastructure. There can be no guarantee that our policies, standards, processes, and practices will be properly followed in every instance or that they will be effective.
Although we are not aware of having experienced any prior material data breaches, regulatory non-compliance incidents, or cybersecurity incidents, we may in the future be impacted by such an event, exposing our clients and us to the risk that someone obtains access to our information, to the information of our clients or their customers, or to our intellectual property, disables or degrades service, or sabotages systems or information. Any such security incident could result in a loss of confidence in the security of our services, damage our reputation, disrupt our business, require us to incur significant costs of investigation, remediation, and/or payment of a ransom, lead to legal liability, negatively impact our future sales, and result in a substantial financial loss. For additional information, see "Item 1A. Risk Factors" of this Annual Report.
Risk Management and Strategy
Our policies, standards, processes, and practices for assessing, identifying, and managing material risks from cybersecurity threats are integrated into our overall risk management program and are based on frameworks established by the National Institute of Standards and Technology, the International Organization for Standardization, and certain other applicable industry standards.
Our cybersecurity program focuses on the following key areas:
Collaboration
We have implemented a governance structure and processes to aggregate reported cybersecurity risks on behalf of Pega Cloud, Pega’s software products, and the corporate environment. Our SSG is responsible for providing strategic direction for implementing and maintaining our cyber risk management program.
Risk Assessment
Our cyber risk management program is designed to follow the ISO 31000 and NIST Special Publication 800-37 frameworks and is within the scope of our ISO 27001 certifications.
At least annually, we conduct cybersecurity risk assessments that consider information from internal stakeholders, known information security vulnerabilities, and information from external sources, such as reported security incidents that have impacted other companies, industry trends, and evaluations by third parties and consultants. The results of the assessments are provided to our SSG and are used to drive alignment on, and prioritization of, initiatives to enhance our security controls, make recommendations to improve processes, and inform our broader enterprise-level risk assessment. Key findings of these assessments are periodically presented to the Board and the Audit Committee.
Technical Safeguards
We regularly assess and deploy technical safeguards designed to protect our information systems from cybersecurity threats. Such safeguards are regularly evaluated and improved based on vulnerability assessments, cybersecurity threat intelligence, and incident response experience.
Incident Response and Recovery Planning
We have implemented Cyber Incident Response Programs, which are within the scope of our ISO 27001 certifications. We have also implemented Business Continuity Programs, which are within the scope of our ISO 22301 certification. We have established comprehensive incident response and recovery plans and regularly test and evaluate their effectiveness.
Third-Party Risk Management
We have implemented a Vendor Cybersecurity Risk Management Program (“VCRMP”), which is within the scope of our ISO 27001 certifications. The VCRMP controls are designed to identify and mitigate cybersecurity threats associated with our use of third-party service providers. These providers are subject to security risk assessments at the time of onboarding, at contract renewal, and upon detection of an increase in their risk profile. We use a variety of inputs in making these risk assessments, including information supplied by the providers themselves and by third parties. In addition, we require our providers to meet appropriate security requirements, controls, and responsibilities, and we investigate security incidents that have impacted our third-party providers, as appropriate.
Education and Awareness
We require all employees to participate in security awareness training, including frequent phishing tests. Currently, our mandatory employee training courses include Security Awareness, Physical Security Awareness, Mobile Device Security, Business Continuity and Phishing, Work From Home, and AI Chatbot. In addition, all of our employee software developers are required to take additional security awareness training, currently including Secure Development. We periodically adjust the list of mandatory and optional courses.
Corporate Security Posture
We periodically conduct independent security assessments to evaluate our corporate environment’s security posture and inform where cybersecurity investments should be made. For systems in our corporate environment on which our cloud certifications have an operational dependency, we also maintain ISO/IEC 27001 certifications relating to overall IT processes and controls and ISO 22301 certification relating to business continuity.
Product Security Posture
To facilitate identification of security vulnerabilities in our products, we periodically conduct third-party penetration tests and participate in the independent Verified By Veracode program, as detailed on its website (https://www.veracode.com/verified/directory/pegasystemsInc), which is included as an inactive reference and the content of which is not incorporated by reference into this Annual Report. We also generate a monthly software bill of materials that identifies the open source components included in certain of our product offerings, and we periodically have an independent security assessment firm evaluate the security risks linked to suppliers we use, including source code repositories, the infrastructure employed for software development, and the mechanisms used for software delivery, such as Amazon Web Services (“AWS”), Google Cloud, and Microsoft Azure. Our Chief Product Officer reviews these findings and provides updates to our SSG.
We regularly release new versions of our products to address identified security vulnerabilities, enabling clients to stay current with the latest product releases. However, even after we make these updates available, it is possible that clients do not implement them or continue to use product versions on extended support that do not receive security updates.
Pega Cloud Security Posture
Pega Cloud undergoes several security assessments a year. Redacted versions of these reports are made available to our clients. Pega Cloud also maintains several security certifications, which are listed at https://pega.com/trust, which is included as an inactive reference and the content of which is not incorporated by reference into this Annual Report.
Pega Cloud for Government is authorized at the FedRAMP Moderate impact level and undergoes several security assessments a year as part of maintaining its FedRAMP authorization.
Our Vice President of Cloud Technology reviews these assessments and provides updates to our SSG.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our policies, standards, processes, and practices for assessing, identifying, and managing material risks from cybersecurity threats are integrated into our overall risk management program and are based on frameworks established by the National Institute of Standards and Technology, the International Organization for Standardization, and certain other applicable industry standards.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
As part of our corporate governance process, the Board, along with the Audit Committee, oversee our risk management process, which includes cybersecurity and related risks. Our CISO periodically meets with the Board and Audit Committee to inform and update them on our cybersecurity program.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
As part of our corporate governance process, the Board, along with the Audit Committee, oversee our risk management process, which includes cybersecurity and related risks. Our CISO periodically meets with the Board and Audit Committee to inform and update them on our cybersecurity program.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
As part of our corporate governance process, the Board, along with the Audit Committee, oversee our risk management process, which includes cybersecurity and related risks. Our CISO periodically meets with the Board and Audit Committee to inform and update them on our cybersecurity program.
Cybersecurity Risk Role of Management [Text Block]
As part of our corporate governance process, the Board, along with the Audit Committee, oversee our risk management process, which includes cybersecurity and related risks. Our CISO periodically meets with the Board and Audit Committee to inform and update them on our cybersecurity program.
SSG and Key Personnel
We have a standing SSG whose members include, among others, our CISO, Chief Product Officer, and Vice President of Cloud Technology. The SSG is charged with providing strategic direction for the implementation and ongoing operation of our cybersecurity program. The SSG meets at least quarterly. Our CISO chairs the SSG, and its decisions and recommendations are reached by consensus of the members.
Our CISO has over twenty years of professional experience, with twelve years in information security roles. He has been with Pega for five years and has a Master of Science degree from Northwestern University.
Our Chief Product Officer has been with Pega for thirty-two years, has extensive experience in software development, and has a Bachelor of Science from the Indiana University of Pennsylvania.
Our Vice President of Cloud Technology has been with Pega for seven years and has twenty-five years of networking and security management experience, with seventeen years of leadership roles in cloud services and related information security issues.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
We have a standing SSG whose members include, among others, our CISO, Chief Product Officer, and Vice President of Cloud Technology. The SSG is charged with providing strategic direction for the implementation and ongoing operation of our cybersecurity program. The SSG meets at least quarterly. Our CISO chairs the SSG, and its decisions and recommendations are reached by consensus of the members.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
Our CISO has over twenty years of professional experience, with twelve years in information security roles. He has been with Pega for five years and has a Master of Science degree from Northwestern University.
Our Chief Product Officer has been with Pega for thirty-two years, has extensive experience in software development, and has a Bachelor of Science from the Indiana University of Pennsylvania.
Our Vice President of Cloud Technology has been with Pega for seven years and has twenty-five years of networking and security management experience, with seventeen years of leadership roles in cloud services and related information security issues.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
We have a standing SSG whose members include, among others, our CISO, Chief Product Officer, and Vice President of Cloud Technology. The SSG is charged with providing strategic direction for the implementation and ongoing operation of our cybersecurity program. The SSG meets at least quarterly. Our CISO chairs the SSG, and its decisions and recommendations are reached by consensus of the members.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true