thatDot launched Novelty Detector, a real-time graph AI for cybersecurity anomaly detection on categorical data based on Quine, their open-source streaming graph. thatDot transforms high-volume data into high-value data by allowing data engineers to build data pipelines much faster and with profound new capabilities. Novelty Detector’s patent-pending technique scores streaming data in real-time using categorical data to detect malicious behavior much earlier in the kill chain, with fewer false positives and lower analyst effort.
Ryan Wright, CEO of thatDot commented, “Current analytical tools are built for numeric data, leaving aside all the valuable context contained and behavioral signals in categorical data that is key to distinguishing between unique and anomalous events, and if new events are normal. Categorical data at scale is the future of anomaly detection in cybersecurity. Using Novelty Detector, organizations gain real-time novelty scores, assessments, and explanations through behavioral fingerprinting, without the frustration and fatigue of overwhelming volumes of false positives.”
Anomaly detection traditionally ignores categorical data, relying instead on numerical data and statistical analysis, which fails in the face of high data dimensionality, resulting in massive volumes of false positives and alert fatigue for SOC analysts. Malicious activity goes undetected or is discovered too late in the kill chain to avoid exposure and damage.
Only thatDot’s Novelty Detector, built on Quine.io open-source streaming graph technology, taps into vast amounts of previously unused categorical data to model the behaviors of systems, devices, applications, and users accurately and efficiently, all without requiring expensive data labeling or analyst effort.
Novelty Detector provides real-time novelty scoring on streaming data as it is ingested. When combined with previous data context and the power of graph data models, Novelty Detector significantly reduces false positives while easily scaling to millions of events per second.
Gery Szlobodnyik, CEO of TraceRiser stated, “Novelty Detector is a remarkable combination of a powerful graph AI software tool for anomaly detection that is easy to operate. We feed data into the system, and it tells us when it has seen enough to start delivering value. I wish all machine learning systems were that simple.”
Read more articles: