Automated Rules Engine
Improve detection performance while reducing rule maintenance
Traditional rules engines are popular solutions because of their easy explainability and support for compliance requirements. However manual rule creation and maintenance is extremely time consuming. Machine learning models reduce the amount of human intuition required, but their results are harder to explain due to their black box nature.
Limitations of Rules Engines
To detect attacks, existing solutions rely on human experience to create rules or labeled training data to tune models. This means they are unable to detect new attacks that haven’t already been identified by humans or labeled in training data.
Limitations of Machine Learning
Prior to an attack, sophisticated attackers discretely incubate accounts to give them realistic-appearing activity histories. These sleeper cells appear benign before they initiate fraudulent or abusive behaviors. Existing solutions cannot detect these sleeper cells until after they have exhibited malicious activity and caused damage.
The DataVisor Automated Rules Engine combines the power of AI and machine learning with the simple explainability of rules engines. It automatically provides human-understandable rules along with high detection performance and reduced maintenance costs by using results from the DataVisor Unsupervised Machine Learning Engine.
Detect Attacks Without Labels or Training Data
Maintain High Explainability and Transparency
Continuously Update or Deprecate Rules to Maintain Effectiveness
Support Legacy Manual Rules
The DataVisor Automated Rules Engine is one component of the DataVisor Detection Solution, and works in concert with the Unsupervised Machine Learning Engine, the Supervised Machine Learning Module, and the Global Intelligence Network.