See results in days with minimal data pre-processing.

Painless Integration

DataVisor’s Unsupervised Machine Learning Engine and proprietary big data infrastructure allow clients to begin detecting attackers in days rather than months. The UML Engine can ingest a wide variety of structured and unstructured data with minimal pre-processing and no training labels, saving months of effort for clients. In addition, our scalable infrastructure allows clients to load all of their data at once, maximizing the chance of catching fraud and abuse.

Key Benefits

Person Desk - blue v0

Minimal Pre-Processing

DataVisor’s UML engine analyzes and extracts features from a range of structured and unstructured data types across multiple channels with minimal pre-processing. No need to wrangle data, run analyses, or spend time on feature extraction.

Labels - Blue - V1

No Labels

Unlike existing machine learning solutions, DataVisor’s UML engine detects hidden correlations across attackers without any training labels, saving time and improving detection of new and unknown attacks that manual reviews miss.

Multiple Sources - blue - v0

Use All of Your Data

DataVisor’s industry-leading big-data infrastructure analyzes all client data at once, improving detection results by finding hidden connections in the data. It supports data collected from different sources without the need of joining them first.

Cloud Server Blue v1

Deploy Anywhere

DataVisor supports public cloud, private cloud, and on-premise deployments to meet our clients’ security requirements.

Continuous Circle Blue v1

Batch or Real-Time

DataVisor supports both batch and real-time data connections depending on our client’s detection requirements.

UI vs API blue v0


Use DataVisor’s threat console to visualize and drill down into results or download results as a table or via our batch or real time API.

Four Steps to Launch UML Detection

Step 1: Collect Data

DataVisor primarily analyzes two types of data – user account profile data and user event data. User account profile data are characteristics of the user account itself, like user name, registration date, email, address, etc. Event data are data tied to specific events, including event type, event timestamp, and any other data related to the event itself. You’ll work with your DataVisor account manager to identify which data will be most relevant to your detection goals, and whether any minor data processing is needed.

Step 2: Choose Deployment and Data Connection Options

DataVisor can work with you to determine the best deployment and data connection options based on your company’s security requirements and resource availability. DataVisor supports many public clouds, including AWS, Azure, and Alicloud, private clouds, and on-premise deployments. You can also choose between a batched or real-time data connection depending on your specific detection needs.

Step 3: Send Data

For real-time connections, DataVisor will work with you to connect to the DataVisor API. For batch data connections, DataVisor accepts data in many formats, including JSON, TSV and CSV, and will setup dedicated cloud storage to ensure its privacy. DataVisor’s secure data transfer program will allow you to send, receive, and manage your data. For clients looking to detect app install fraud and using attribution platforms Adjust, AppsFlyer, or Tune, DataVisor’s pre-existing integrations allow an instant data connection.

Step 4: Stop Attackers Before They Strike

We’ll work with your team to optimize the results to meet your specific detection goals, allowing you to avoid manual steps like data processing, feature extraction, and model validation. You’ll be able to utilize DataVisor’s results in whichever method is most useful to you: via the API for integration into other systems; via the DataVisor UI for drilling down into results; or via summary reports with scores and reason codes.

Ready to enhance your detection with unsupervised machine learning?