thatDot, Inc., the pioneer in streaming graph event processing software, today announced the general availability of Novelty Detector. Only Novelty Detector’s patent-pending technique uses categorical data to score streaming data in real time to detect malicious behavior much sooner in the kill chain and with dramatically fewer false positives and lower analyst effort.
Traditional anomaly detection ignores categorical data, instead relying strictly on numerical data and statistical analysis, which breaks down in the face of high data dimensionality and produces massive volumes of false positives and alert fatigue for SOC analysts. Malicious activity remains undetected or is detected too late in the kill chain to prevent exposure and damage.
Built on Quine.io open source streaming graph technology, only thatDot’s Novelty Detector taps into vast amounts of previously unused categorical data to accurately and efficiently model the behaviors of systems, devices, applications and users, all without requiring expensive data labeling or analyst effort.
Novelty Detector delivers real-time novelty scoring on streaming data immediately, as it’s ingested. Combined with the context of previous data and the power of graph data models, Novelty Detector massively reduces false positives, while easily scaling to millions of events per second.
“Current analytical tools are built for numeric data, leaving aside all the valuable context contained and behavioral signals in categorical data that is key to distinguishing between unique and anomalous events, and if new events are actually normal,” said Ryan Wright, CEO of thatDot. “Categorical data at scale is the future of anomaly detection in cybersecurity. Using Novelty Detector, organizations gain real-time novelty scores, assessments and explanations through behavioral fingerprinting, without the frustration and fatigue of overwhelming volumes of false positives.”
Latest Release Adds Automatic Unsupervised Model Training
The GA release of Novelty Detector, available today, includes a new automatic unsupervised training feature. This innovation means the system ingests data, calibrates and trains itself, then scores every piece of data in real time for how unusual it is. With this new capability, difficult security problems like insider threat detection and cloud credential theft are automatically solved, and produce real-time actionable results.
“Novelty Detector is a remarkable combination of a powerful graph AI software tool for anomaly detection that is easy to operate,” said Gery Szlobodnyik, CEO of TraceRiser. “We feed data into the system and it tells us when it has seen enough to start delivering value. I wish all machine learning systems were that simple.” Yesterday, thatDot showcased the latest release of Novelty Detector at the 2022 TigerGraph Graph + AI Summit. The company demonstrated how with no training or data labeling, Novelty Detector could use the categorical data available in AWS CloudTrail logs to detect malicious use of stolen credentials.
Novelty Detection is just one of the many applications of open source Quine streaming graph technology. Partners, community members and contributors have already created and shared pre-built configurations for Quine, called recipes, that package up valuable use cases for one-click operation. Spin up the latest release of thatDot Novelty Detector in just minutes in the cloud from the AWS Marketplace or on-premise at thatDot.com.
thatDot is the pioneer of complex event processing software that captures the full value of massive amounts of streaming data for advanced AI and ML applications. thatDot’s portfolio of software includes Quine, an open source streaming graph solution for event-driven applications. Investors in the company include Hale Capital, Oregon Venture Fund and CrowdStrike. Based in Portland, Oregon, thatDot is currently hiring remote employees nationwide.