A Rules Engine That Adapts to Changing Attack Patterns

The biggest challenge for companies using a rules engine for threat detection is maintaining its quality over time. As new threats emerge and criminals adapt, it quickly becomes very time-consuming to add and modify the hundreds or thousands of rules within the rules engine. DataVisor’s patent-pending Automated Rules Engine solves this problem. It automatically creates new rules and deprecates outdated rules so you can maximize detection of malicious accounts while reducing false positives resulting from decaying or imprecise rules.

Powered by Unsupervised Machine Learning

DataVisor’s Automated Rules Engine generates rules automatically on a daily basis from attributes provided by our Unsupervised Machine Learning Engine. While traditional rules engines are reactive to new attacks, our Unsupervised Machine Learning (UML) Engine excels at identifying changing attack patterns by correlating user and event attributes of coordinated attack campaigns. The same suspicious attributes discovered by our UML Engine are used to create new rules automatically in our Automated Rules Engine. Further, the rules within the Automated Rules Engine are constantly monitored to ensure that they’re still highly effective and accurate; those that become outdated are automatically removed.

Reduce manual rules tuning time

Rules are created automatically from UML results so you can save time on creating, testing and deprecating rules.

Deploy rules that actually work

Outdated rules are deprecated automatically, and new rules can be backtested for effectiveness to lower your false positives.

Access UML detection with confidence

Our automated rules provide a human-understandable version of our machine learning detection results for easy review and validation.

Key Product Features

Rules overview view to monitor rule health.

Create rules automatically

Generate new rules and retire decaying rules based on DataVisor’s UML results.

Monitor effectiveness of your rules

View performance details of a rule, such as how many users the rule detected and the accuracy of the rule over time.

Create manual rules

Create custom rules with your domain expertise using Boolean logic and complex operands.

Backtest rules

Backtest rules you manually created using historical data before deploying them on your system.

Getting Started

Want to be a part of the exciting journey we are undertaking to transform how online threat detection is done? Request a trial today.