Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Deriving and surfacing insights regarding security threats is disclosed. A plurality of features associated with a message is determined. A plurality of facet models is used to analyze the determined features. Based at least in part on the analysis, it is determined that the message poses a security threat. A prioritized set of information is determined to be provided as output that is representative of why the message was determined to pose a security threat. At least a portion of the prioritized set of information is provided as output.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Deriving and surfacing insights regarding security threats is disclosed. A plurality of features associated with a message is determined. A plurality of facet models is used to analyze the determined features. Based at least in part on the analysis, it is determined that the message poses a security threat. A prioritized set of information is determined to be provided as output that is representative of why the message was determined to pose a security threat. At least a portion of the prioritized set of information is provided as output.

Abstract: Deriving and surfacing insights regarding security threats is disclosed. A plurality of features associated with a message is determined. A plurality of facet models is used to analyze the determined features. Based at least in part on the analysis, it is determined that the message poses a security threat. A prioritized set of information is determined to be provided as output that is representative of why the message was determined to pose a security threat. At least a portion of the prioritized set of information is provided as output.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Introduced here are computer programs and computer-implemented techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise. A threat detection platform may determine the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. For example, to understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Deriving and surfacing insights regarding security threats is disclosed. A plurality of features associated with a message is determined. A plurality of facet models is used to analyze the determined features. Based at least in part on the analysis, it is determined that the message poses a security threat. A prioritized set of information is determined to be provided as output that is representative of why the message was determined to pose a security threat. At least a portion of the prioritized set of information is provided as output.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.

Abstract: Introduced here are computer programs and computer-implemented techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise. A threat detection platform may determine the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. For example, to understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: Introduced here are computer programs and computer-implemented techniques for generating and then managing a federated database that can be used to ascertain the risk in interacting with vendors. At a high level, the federated database allows knowledge regarding the reputation of vendors to be shared amongst different enterprises with which those vendors may interact. A threat detection platform may utilize the federated database when determining how to handle incoming emails from vendors.