How It Works

This is the analytical engine behind Shield^™. An analytical computer system receives electronic messages at the network perimeter—messages sent from outside the organization. For each message, the system designates the sender and recipient as nodes in a relationship graph and assigns the connection between them an edge value calculated from their communication history.

Over time, the system builds a comprehensive relationship graph. It can create these nodes and edges during initial installation using historical data, or build them incrementally as new messages flow through. The result is a continuously evolving map of communication relationships with quantified trust levels.

What Makes It Different

• Relationship network analysis: models communication as a graph of vertices and edges, where each relationship carries a calculated edge value derived from prior interactions.
• History-weighted scoring: the connection between sender and recipient is evaluated against their historic communication pattern, not in isolation.
• Perimeter-level processing: analyzes messages as they enter the network, before they reach the recipient.
• Historical and real-time: can bootstrap from existing email data and continuously refine confidence scores as new patterns emerge.
• Multiple analytical systems: supports distributed analytical computer systems working together for enterprise-scale deployment.

Why It Matters

Traditional email security evaluates each message in isolation—checking for known bad links, malware signatures, or spam patterns. This is a fundamentally different approach: building a relationship network that quantifies trust between senders and recipients based on their communication history. When something doesn’t fit the established pattern, the confidence scoring surfaces it.

It’s the analytical foundation that gives Shield its ability to detect threats that signature-based systems miss entirely.