Amit Tomar Sift is the leader in Digital Trust & Safety, empowering companies of all sizes to unlock revenue without risk. Sift prevents fraud with industry-leading technology and expertise.
As the leader in Digital Trust & Safety and a pioneer in using machine learning to fight fraud, Sift regularly deploys new machine learning models into production. Sift’s customers use the scores generated by machine learning models to decide whether to accept, block, or watch events and transactions. An example could be blocking all events with a high risk score. It’s very important that the new ML model releases do not cause a shift in score distributions. Score shift can cause customers to suddenly start blocking legitimate transactions and accepting fraudulent ones.
Sift’s customers have also built thousands of automated workflows to automatically determine whether to block, accept or watch a specific transaction or an event. Even a slight change in the score distributions may impact decision rates or introduce anomalies.
These anomalies in decision rates can be caused by internal changes in models and system components. They can also be caused by changes on the customers’ side: a change in integration, or decisioning behavior. Sometimes a change in decision rates is desirable – such as when there’s a fraud attack, entering into a new market, or a seasonal event.
The most important thing is to identify and triage changes in decision rates immediately in realtime to ensure that customers continue to get accurate results with Sift.
Sift needed a scalable product for monitoring customer outcomes in real time, knowing that each customer has unique traffic patterns and risk tolerances.
The solution had to meet the following requirements:
Because each customer has unique traffic and decision patterns, Sift needed a tool, which can automatically learn what “normal” looks like for each customer.
Sift set out to build an automated monitoring tool, Watchtower, a system that would use anomaly detection algorithms to learn from past data and trigger alerts in realtime on unusual changes.
To allow them to transition to real time anomaly detection, Sift chose to start with open source Druid on AWS.
But soon they started to run into deployment and upgrade related issues on Open Source Druid. Sift then decided to rely on Imply’s distribution of Druid for deployment, upgrade and overall cluster management.
Watchtower architecture can be categorized in below mentioned four components:
Sift uses plots generated by anomaly detection notebooks for alerting via various channels. Each alert contains the name of the customer with anomaly in their decision pattern, the metric which triggered the alert, and a link to a dashboard that updates in realtime.
Their support engineering teams use Imply Pivot to build out Dashboards and slice and filter data per decision type, product type, time of the day, etc. Support engineering team monitors statistics on decisions and score distributions.
Here’s an example of a dashboard for one of Sift’s internal test customers presented below.
Imply Pivot – Visualizing sub-second latency analytics
From a business standpoint, Watchtower running on Imply Druid with Imply Pivot exceeded Sift’s expectations. In the first month of launch, they were able to detect several possible anomalies without human intervention. They analyzed the data and saw a variety of root causes such as:
With Watchtower running on Imply Druid, their support engineering team was able to proactively contact customers quickly when anomalies were spotted, which prevented any potential business impact for their customers. This became possible with Imply Pivot, which allows the data to be analyzed in real time thereby reducing the time to resolve issues.
Introducing Schema Auto-Discovery in Apache Druid
In this blog article I’ll unpack schema auto-discovery, a new feature now available in Druid 26.0, that enables Druid to automatically discover data fields and data types and update tables to match changing...
Learn MoreIntroducing Apache Druid 26.0
Apache Druid® 26.0, an open-source distributed database for real-time analytics, has seen significant improvements with 411 new commits, a 40% increase from version 25.0. The expanded contributor base of 60...
Learn MoreShould You Build or Buy Security Analytics for SecOps?
When should you build—or buy—a security analytics platform for your environment? Here are some common considerations—and how Apache Druid is the ideal foundation for any in-house security solution.
Learn MoreReal-Time Analytics with Imply Polaris: From Setup to Visualization
Imply Polaris offers reduced operational overhead and elastic scaling for efficient real-time analytics that helps you unlock your data's potential.
Learn MoreExploring Unnest in Druid
Druid now has a new function, Unnest. Unnest explodes an array into individual elements. This blog contains design methodology and examples for this new Unnest function both from native and SQL binding perspectives.
Learn MoreWhat’s new in Imply Polaris – Our Real-Time Analytics DBaaS
Every week we add new features and capabilities to Imply Polaris. This month, we’ve expanded security capabilities, added new query functionality, and made it easier to monitor your service with your preferred...
Learn MoreACID and Apache Druid
ACID and Druid, an interesting dive into some of the Druid capabilities in the light of ACID compliance
Learn MoreHow to Build a Sentiment Analysis Application with ChatGPT and Druid
Leveraging ChatGPT for sentiment analysis, when combined with Apache Druid, offers results from large data volumes. This integration is easily achievable, revealing valuable insights and trends for businesses...
Learn MoreSnowflake and Apache Druid
In this blog, we will compare Snowflake and Druid. It is important to note that reporting data warehouses and real-time analytics databases are different domains. Choosing the right tool for your specific requirements...
Learn MoreLearn how to achieve sub-second responses with Apache Druid
Learn how to achieve sub-second responses with Apache Druid. This article is an in-depth look at how Druid resolves queries and describes data modeling techniques that improve performance.
Learn MoreApache Druid – Recovering Dropped Segments
Apache Druid uses load rules to manage the ageing of segments from one historical tier to another and finally to purge old segments from the cluster. In this article, we’ll show what happens when you make...
Learn MoreReal-Time Analytics: Building Blocks and Architecture
This blog identifies the key technical considerations for real-time analytics. It answers what is the right data architecture and why. It spotlights the technologies used at Confluent, Reddit, Target and 1000s...
Learn MoreTransactions Come and Go, but Events are Forever
For decades, analytics has focused on Transactions. While Transactions are still important, the future of analytics is understanding Events.
Learn MoreWhat’s new in Imply Polaris – Our Real-Time Analytics DBaaS
This blog explains some of the new features, functionality and connectivity added to Imply Polaris over the last two months. We've expanded ingestion capabilities, simplified operations and increased reliability...
Learn MoreElasticsearch and Druid
This blog will help you understand what Elasticsearch and Druid do well and will help you decide whether you need one or both to reach your goals
Learn MoreWow, that was easy – Up and running with Apache Druid
The objective of this blog is to provide a step-by-step guide on setting up Druid locally, including the use of SQL ingestion for importing data and executing analytical queries.
Learn MoreTop 7 Questions about Kafka and Druid
Read on to learn more about common questions and answers about using Kafka with Druid.
Learn MoreTales at Scale Podcast Kicks off with the Apache Druid Origin Story
Tales at Scale cracks open the world of analytics projects and shares stories from developers and engineers who are building analytics applications or working within the real-time data space. One of the key...
Learn MoreReal-time Analytics Database uses partitioning and pruning to achieve its legendary performance
Apache Druid uses partitioning (splitting data) and pruning (selecting subset of data) to achieve its legendary performance. Learn how to use the CLUSTERED BY clause during ingestion for performance and high...
Learn MoreEasily embed analytics into your own apps with Imply’s DBaaS
This blog explains how developers can leverage Imply Polaris to embed robust visualization options directly into their own applications without them having to build a UI. This is super important because consuming...
Learn MoreBuilding an Event Analytics Pipeline with Confluent Cloud and Imply’s real time DBaaS, Polaris
Learn how to set up a pipeline that generates a simulated clickstream event stream and sends it to Confluent Cloud, processes the raw clickstream data using managed ksqlDB in Confluent Cloud, delivers the processed...
Learn MoreReal time DBaaS comes to Europe
We are excited to announce the availability of Imply Polaris in Europe, specifically in AWS eu-central-1 region based in Frankfurt. Since its launch in March 2022, Imply Polaris, the fully managed Database-as-a-Service...
Learn MoreStream big, think bigger—Analyze streaming data at scale in 2023
Imply is predicting the next "big thing" in 2023 will be analyzing streaming data in real time (and Druid is built for just that!)
Learn MoreWhat’s new in Imply – December 2022
This is a what's new to Imply in Dec 2022. We’ve added two new features to Imply Polaris to make it easier for your end users to take advantage of real-time insights.
Learn MoreIntroducing Apache Druid 25.0
Apache Druid 25.0 contains over 293 updates from over 56 contributors.
Learn More2022 in Review: A Breakout Year for Druid, A Banner Year for Imply
2022 was a great year for Druid AND Imply!
Learn MoreDruid and SQL syntax
This is a technical blog, which summarises the process of extending the Druid's SQL grammar for ingestion and delves into the nitty gritty of Calcite.
Learn MoreNative support for semi-structured data in Apache Druid
Describes a new feature- ingest complex data as is into Druid- massive improvement in developer productivity
Learn MoreDatanami Award
Apache Druid won Datanami's 2022 Readers’ and Editors’ Choice Awards for Reader's Choice "Best Data and AI Product or Technology: Analytics Database".
Learn MoreAlerting and Security Features in Polaris
Describes new features - alerts and some security features- and how Imply customers can leverage it
Learn MoreIngestion from Amazon Kinesis and S3 into Imply Polaris
Imply Polaris now supports data ingestion from Amazon Kinesis and Amazon S3
Learn MoreGetting the Most Out of your Data
Ingesting data from one table to another is easy and fast in Imply Polaris!
Learn MoreCombating financial fraud and money laundering at scale with Apache Druid
Learn how Apache Druid enables financial services firms and FinTech companies to get immediate insights from petabytes-plus data volumes for anti-fraud and anti-money laundering compliance.
Learn MoreWhat’s New in Imply Polaris – November 2022
This blog provides an overview for the new features, functionality, and connectivity to Imply Polaris for November 2022.
Learn MoreImply Pivot delivers the final mile for modern analytics applications
This blog is focused on how Imply Pivot delivers the final mile for building an anlaytics app. It showcases two customer examples - Twitch and ironsource.
Learn MoreWhy Analytics Need More than a Data Warehouse
For decades, analytics has been defined by the standard reporting and BI workflow, supported by the data warehouse. Now, 1000s of companies are realizing an expansion of analytics beyond reporting, which requires...
Learn MoreWhy Open Source Matters for Databases
Apache Druid is at the heart of Imply. We’re an open source business, and that’s why we’re committed to making Druid the best open source database for modern analytics applications
Learn MoreIngestion from Confluent Cloud and Kafka in Polaris
How to ingest data into Imply Polaris from Confluent Cloud and from Apache Kafka
Learn MoreWhat Makes a Database Built for Streaming Data?
For an analytics app to handle real-time, streaming sources, it must be built for streaming data. Druid has 3 essential features for stream data.
Learn MoreTales at Scale Podcast: Who Really Needs Real-Time Data?
Gwen Shapira, co-founder and CPO of Nile joins us to help define real-time data, discuss who needs it (and who probably doesn't) and how to not build yourself into a corner with your architecture. When you're...
Learn MoreSQL-based Transformations and JSON Columns in Imply Polaris
You can easily do data transformations and manage JSON data with Imply Polaris, both using SQL.
Learn MoreApproximate Distinct Counts in Imply Polaris
When it comes to modern data analytics applications, speed is of the utmost importance. In this blog we discuss two approximation algorithms which can be used to greatly enhance speed with only a slight reduction...
Learn MoreThe next chapter for Imply Polaris: celebrating 250+ accounts, continued innovation
Today we announced the next iteration of Imply Polaris, the fully managed Database-as-a-Service that helps you build modern analytics applications faster, cheaper, and with less effort. Since its launch in...
Learn MoreIntroducing Imply’s Total Value Guarantee for Apache Druid
Apache Druid 24.0 contains 450 updates and new features, major performance enhancements, bug fixes, and major documentation improvements
Learn MoreIntroducing Apache Druid 24.0
Apache Druid 24.0 contains 450 updates and new features, major performance enhancements, bug fixes, and major documentation improvements
Learn MoreUsing Imply Pivot with Druid to Deduplicate Timeseries Data
Imply Pivot offers multi step aggregations, which is valuable for timeseries data where measures are not evenly distributed in time.
Learn MoreA Look Under the Surface at Polaris Security
We have taken a security-first approach in building the easiest real-time database for modern analytics applications.
Learn MoreUpserts and Data Deduplication with Druid
A look at what can be done with Druid for upserts and data deduplication.
Learn MoreWhat Developers Can Build with Apache Druid
We obviously talk a lot about #ApacheDruid on here. But what are folks actually building with Druid? What is a modern analytics application, exactly? Let's find out
Learn MoreWhen Streaming Analytics… Isn’t
Nearly all databases are designed for batch processing, which leaves three options for stream analytics.
Learn MoreApache Druid vs. Snowflake
Elasticity is important, but beware the database that can only save you money when your application is not in use. The best solution will have excellent price-performance under all conditions.
Learn MoreDruid 0.23 – Features And Capabilities For Advanced Scenarios
Many of Druid’s improvements focus on building a solid foundation, including making the system more stable, easier to use, faster to scale, and better integrated with the rest of the data ecosystem. But for...
Learn MoreIntroducing Apache Druid 0.23
Apache Druid 0.23.0 contains over 450 updates, including new features, major performance enhancements, bug fixes, and major documentation improvements.
Learn MoreAn Opinionated Guide to Component APIs
We have collected a number of guidelines for React component APIs that make components more predictable in terms of behavior and performance.
Learn MoreDruid Architecture & Concepts
In a world full of databases, learn how Apache Druid makes real-time analytics apps a reality in this Whitepaper from Imply
Learn More3 decisions that shaped the Polaris UI
Imply Polaris is a fully managed database-as-a-service for building realtime analytics applications. John is the tech lead for the Polaris UI, known internally as the Unified App. It began with a profound question:...
Learn MoreHow Imply Polaris takes a security-first approach
A primer for developers on security tools and controls available in Imply Polaris
Learn MoreImply Raises $100MM in Series D funding
There is a new category within data analytics emerging which is not centered in the world of reports and dashboards (the purview of data analysts and data scientists), but instead centered in the world of applications...
Learn MoreImply Named “Cool Database Vendor” by CRN
There can’t be one database good at everything. When it comes to real-time analytics, you need a database built for it.
Learn MoreLiving the Stream
We are in the early stages of a stream revolution, as developers build modern transactional and analytic applications that use real-time data continuously delivered.
Learn MoreMigrating Data from ClickHouse to Imply Polaris
In this blog, we’ll review the simple steps to export data from ClickHouse in a format that is easy to ingest into Polaris.
Learn MoreApache Druid vs. ClickHouse
Developers and architects must look beyond query performance to understand the operational realities of growing and managing a high performance database and if it will consume their valuable time.
Learn MoreJava Keytool, TLS, and Zookeeper Security
Lean the basics of Public Key Infrastructure (PKI) as it relates to Druid and Zookeeper security.
Learn MoreBuilding high performance logging analytics with Polaris and Logstash
When you think of querying with Apache Druid, you probably imagine queries over massive data sets that run in less than a second. This blog is about some of the things we did as a team to discover the user...
Learn MoreFor April 1st: a New Description of Apache Druid from Our Youngest Technical Architect
A simple set of instructions to deploy Apache Druid on minikube using minio for local deep storage on your laptop.
Learn MoreDistributed by Nature: Druid at Scale
Horizontal scaling is the key to performance at scale, which is why every database claims this. You should investigate, though, to see how much effort it takes, especially compared to Apache Druid.
Learn MoreAtomic Replace in Polaris
When you think of querying with Apache Druid, you probably imagine queries over massive data sets that run in less than a second. This blog is about some of the things we did as a team to discover the user...
Learn MoreAnnouncing Imply Polaris
Today, we're excited to announce a major leap forward in ease-of-use with the introduction of Imply Polaris, our fully-managed, database-as-a-service.
Learn MoreBuilding Analytics for External Users is a Whole Different Animal
Analytics aren’t just for internal stakeholders anymore. If you’re building an analytics application for customers, then you’re probably wondering…what’s the right database backend?
Learn MoreClustered Apache Druid® on your Laptop – Easy!
A simple set of instructions to deploy Apache Druid on minikube using minio for local deep storage on your laptop.
Learn MoreWhy Data Needs More than CRUD
After over 30 years of working with data analytics, we’ve been witness (and sometimes participant) to three major shifts in how we find insights from data - and now we’re looking at the fourth.
Learn MoreThe Rise of a New Analytics Hero in 2022
Every year industry pundits predict data and analytics becoming more valuable the following year. But this doesn’t take a crystal ball to predict. There’s instead something much more interesting happening...
Learn MoreA new shape for Apache Druid
Today, I'm prepared to share our progress on this effort and some of our plans for the future. But before diving further into that, let's take a closer look at how Druid's core query engine executes queries,...
Learn MoreProduct Update: SSO, Cluster level authorization, OAuth 2.0 and more security features
When you think of querying with Apache Druid, you probably imagine queries over massive data sets that run in less than a second. This blog is about some of the things we did as a team to discover the user...
Learn MoreMulti-dimensional range partitioning
When you think of querying with Apache Druid, you probably imagine queries over massive data sets that run in less than a second. This blog is about some of the things we did as a team to discover the user...
Learn MoreLog4Shell Vulnerability and Mitigation
A critical vulnerability has recently been discovered in Apache Log4j, a popular logging library for Java projects.
Learn MoreDruid Nails Cost Efficiency Challenge Against ClickHouse & Rockset
To make a long story short, we were pleased to confirm that Druid is 2 times faster than ClickHouse and 8 times faster than Rockset with fewer hardware resources!.
Learn MoreUnveiling Project Shapeshift Nov. 9th at Druid Summit 2021
There is a new category within data analytics emerging which is not centered in the world of reports and dashboards (the purview of data analysts and data scientists), but instead centered in the world of applications...
Learn MoreHow we made long-running queries work in Apache Druid
When you think of querying with Apache Druid, you probably imagine queries over massive data sets that run in less than a second. This blog is about some of the things we did as a team to discover the user...
Learn MoreAuto Scaling real-time Kafka Ingestion FTW!
Uneven traffic flow in streaming pipelines is a common problem. Providing the right level of resources to keep up with spikes in demand is a requirement in order to deliver timely analytics.
Learn MoreCommunity Discoveries: multi-value dimensions in Apache Druid
Hellmar Becker is an Imply solutions engineer based in Germany, where he has been delving into the nooks-and-crannies of multi-valued dimension support in Druid. In this interview, Hellmar explains why...
Learn MoreCommunity Spotlight: Apache Pulsar and Apache Druid get close…
The community team at Imply spoke with an Apache Pulsar community member, Giannis Polyzos, about how collaboration between open source communities generates great things, and more specifically, about how...
Learn MoreMeet the team: Abhishek Agarwal, engineering lead in India
Abhishek is Imply’s first engineer in India. We spoke to him about setting up our operations in Bangalore and asked what kind of local talent the company is looking for.
Learn MoreMeet the team: Jihoon Son, Software Engineer
Jihoon Son is a software engineer at Imply who works on Apache Druid®. He explains what drew him to Imply five years ago and why he’s even more inspired by the company today.
Learn MoreCommunity Spotlight: Sparking that connection with Apache Druid
It’s been nearly 10 years now since Druid was open sourced “to help other organizations solve their real-time data analysis and processing needs”. This has happened not because of one person or one...
Learn MoreCommunity Spotlight: Augmented analytics on business metrics by Cuebook with Apache Druid®
Cuebook is putting you, decision-maker, back in the driving seat, powered by Apache Druid®. In this interview with their founder and CEO, we learn their reason for being, their open source Cuelake tooling,...
Learn MoreThe Open Source Modern Analytics Stack
Empowering all types of users to analyze data incredibly quickly from wherever it sits provides huge value to organizations. Citizen data scientists and decision scientists are able to make empirically-backed,...
Learn MoreImply Raises $70MM in Series C funding
Our vision at Imply has always been to create a new category for data analytics, analytics-in-motion, and enable organizations to unlock workflows they’ve never been able to do before. With the most recent...
Learn MoreCommunity Spotlight: Avesta powers next-generation applications with Apache Druid
When considering various real-time analytics solutions, Apache Druid quickly became the clear choice: Avesta uses only open-source products and libraries. And today, they’re using Druid as a central component...
Learn MoreThe Future of Analytics
The traditional BI workflow starts with a strategic question. Such a question is not too time-sensitive—days or weeks is okay—and the question is pretty complex to answer.
Learn MoreHow we enabled the “Go Fast” button on TopN queries: Hint: we used vectorized virtual columns (which is new in Apache Druid 0.20.0)
Apache Druid is a fast, modern analytics database designed for workflows where fast, ad-hoc analytics, instant data visibility, or supporting high concurrency is important. Multiple factors contribute to...
Learn MoreMaking the impossible, possible: A GameAnalytics case study
We’ve had the pleasure of speaking with Ioana Hreninciuc, CEO of GameAnalytics, to learn just how they use Imply to make their next-generation data stack possible.
Learn MoreMake your real-time dashboards blazing fast with per-segment caching
Imagine a scenario where Druid is collecting metrics about a huge microservices application —there’s a continuous stream of metrics coming in about the different services from this application.
Learn MoreCommunity Spotlight: smart advertising from Sage+Archer + Apache Druid
Out-of-home advertising has changed. Gone are static, uncompromisingly homogenous posters, replaced instead with bright and fluid installations. Installations that make smart decisions about what and when...
Learn MoreData deletion in Apache Druid (part 2)
Some time ago, Dana Assa and I wrote a detailed blog post about Data retention and deletion in Apache Druid. Our intention was to help Druid database users and provide guidance on how to control the TTL...
Learn MoreData Revolution at Hawk powered by Imply
Hawk is the first independent European platform to offer a transparent and technological advertising experience across all screens: Desktop, Mobile, CTV, DOOH & Digital Audio.
Learn MoreIf you thought you had perfect rollups before, you might have been wrong!
In Apache Druid, you can roll up duplicate rows into a single row to optimize storage and improve query performance. Rollup pre-aggregates data at ingestion time, which reduces the amount of data the query...
Learn MoreImply’s real-time analytics maturity model to create better customer experiences
Imply’s real-time Druid database today powers the analytics needs of over 100 customers across industries such as Banking, Retail, Manufacturing, and Technology. We have observed that the majority of prospects...
Learn MoreWhat I wish I knew about Imply when I was developing in-house analytics
Like a lot of engineers at Imply, I got my start here after having worked on an analytics solution for a previous employer. In my case, it was a large non-tech company going through a digital transformation.
Learn MoreKueez leverages Imply Cloud to reduce operational overhead & enable real-time analytics
Imply allows Kueez's data analysts, content editors, and growth teams to optimize their campaigns in real-time. With open-source Druid, they struggled to keep their system up and running, their queries were...
Learn MoreNeed more information about Druid and Imply? Let us set you up with a demo.