Real-Time Deep Analysis at Scale

thatDot Streaming Graph is an event stream processor that finds the relationships between multiple data streams and analyzes that dynamic graph in real time.

Respond fast to catch threats


Reduce mean time to detect (MTTD)

thatDot was developed in a DARPA research project to catch low and slow attacks such as advanced persistent threats (APT), the most difficult to catch because the first part of their pattern of attack and the last could be separated by months. Not limited to time windows like every other event processor, thatDot remembers all partial pattern matches ever found. Within milliseconds of a data point completing the threat signature pattern, that match is responded to, sent downstream, shown in monitoring alerts, or sent as a Slack message to the person who needs to see it.

The results are fast detection of fraud or intrusion—often well within breakout time for new intrusions, within milliseconds of exfiltration even for low and slow intrusions and living off the land attacks.

APT-Detection-Streaming-Graph-screenshot-annotated
Shrink loss windows with real-time forensics

Reduce mean time to contain (MTTC)

Processing streaming data in real time makes for real-time forensics. Quickly investigate and locate the new threat signature. Figure out exactly how the intruder got in, how long they’ve been there, what damage they did, and lock them out fast. Every minute that goes by with a bad actor loose in your infrastructure has a high dollar cost.

The shorter the loss window, the less money a breach costs your customer.

Reduce false positives to near zero

Constant false positive alerts cause burnout and let real attacks slip by under the noise.

New is not always novel. thatDot Novelty uses context awareness across your data streams to accurately tell the difference. The built-in proprietary AI learns the contextual fingerprint of your data environment without needing data labeling or other labor intensive training. It spots which things don’t belong with a level of accuracy that will let overworked cybersecurity people stop wasting their time on false alarms.

Cybersecurity threat signatures are constantly at least one breach behind. Real-time anomaly detection catches bad actors, even if they use an approach you’ve never seen before. Useful for:

  • Threat Hunting
  • Anomaly Detection
  • Insider Threat Detection
  • Fraud Detection
Analyze user and entity behavior in real time

Event stream processor + graph analytics = find relationships fast

With thatDot, find relationships between multiple streaming data sources at once (Apache Kafka, Kinesis, SQS,…) plus batch files for context, without the resource cost of excessive joins. Resolve duplicates, intelligently filter out unneeded information, and find threat signatures in real time. You can also do what graph data structures are best at, analyzing categorical data and the relationships between them, without the long delay and inaccuracy of first turning that data into numbers in a database before you analyze it.

Deep relationship analysis that only graphs do well like fraud detection, entity resolution, cyber threat detection, and risk analysis are now possible at event processor speeds.

  • Entity and User Behavior Analytics (EUBA)
  • Dynamic Digital Twins
  • Fraud detection
  • Tainted Funds Tracking
Scale virtually without limits

Analyze your mountains of data

Machine data such as network, logs, sensors, etc. is too much for graph databases to handle. There is no known limit to how much data thatDot can handle. Unlike graph databases, thatDot software can distribute the workload across a cluster, even supernodes with hundreds of thousands of edges. But while thatDot software scales indefinitely, your budget doesn’t. thatDot only needs about 300 MB of RAM, and the recipe examples can all be run on the smallest raspberry pi made, ideal for deploying near the edge for IoT use cases that require smart filtering.

High scale, low resource requirements.

Develop thatDot-powered OEM applications or enterprise data pipelines fast
Event Driven Graph Analysis

Rich APIs and standard Cypher graph query language

Embedding thatDot graph event stream processing in your applications or dropping it into your streaming data pipelines is straightforward. Data streams in. Answers stream out. No special tech or skills required. The built-in backpressure systems keep you from losing data or overwhelming downstream applications. The graph data model eliminates issues with out of order data. You can interactively explore the dynamic graph with ad hoc queries as it changes. See graph and query results in the UI, or in the visualization tool of your choice.

If a standing query finds something interesting, you can:

  • Send the results downstream to applications, monitoring, or messaging systems.
  • Feed back and add that information to the dynamic graph for more exploration.
  • Trigger additional queries.

thatDot streaming graph analytics and machine learning-driven anomaly detection

Query the future with thatDot Streaming Graph

thatDot Streaming Graph queries the graph join of multiple data streams letting you find threat signatures and other patterns of interest without time window limitations that hamper all other event stream processing engines. This makes it uniquely well-suited to finding advanced persistent threats (APTs) and other cybersecurity threats. It’s also exceptional at real-time risk analysis, fraud detection, entity resolution, anomaly detection, digital twins, and smart filtering of edge data and other large datasets as they stream in.

Find unknown hidden problems with thatDot Novelty

Novelty has a proprietary built-in AI designed to find the unknown unknowns in your data as it streams in. No training or data labeling is needed. As data streams in, the AI develops a contextual fingerprint of your specific data. With this contextual awareness, it reduces false positives to near zero, and provides an explanation for each ranking. Use it for cybersecurity to find insider threats, or new threats with no known threat signature. It also works well for finding well-hidden fraud. You know there are important things hiding in your data. thatDot Novelty can help.

Recent posts

Want to read more news and other posts? Visit the resource center for all things thatDot.

Help Center

Streaming Graph Help

Novelty Help