Introducing thresholds in Security Event Alerting: a z-score love story
What's this blog post about?
Cloudflare has introduced thresholds for Security Event Alerts, a new method of detecting anomalous spikes in security events on internet properties. Previously, calculations were based solely on the z-score methodology, which identified the most significant spikes but could be inaccurate for domains with few security events. With a threshold in place, alerts are now more accurate and are sent only when truly necessary. The new strategy combines the strengths of the z-score and threshold methods to detect anomalous spikes accurately while minimizing false positives.
Company
Cloudflare
Date published
Aug. 30, 2022
Author(s)
Kristina Galicova
Word count
1179
Hacker News points
2
Language
English