Conway for Detection

Smarter rules, better results

Step 1

Find the gaps your rules miss

Conway analyzes your existing detection rules against real threat patterns and surfaces the scenarios where you have no coverage

Coverage Analysis

Scanning rules

Velocity spike on new device

—

Dormant account reactivation

—

High-value cross-border txn

—

Credential stuffing pattern

—

Rapid micro-deposits

—

Geo-mismatch login

—

Step 2

Create rules that cover them

For each gap, Conway drafts precise detection rules — tuned to your data, your thresholds, and the patterns actually appearing in your environment

New Rule Draft

Drafting

RULE dormant_account_reactivation

WHEN last_login_days > 180

AND txn_count_24h > 0

AND new_device = true

AND amount > $500

THEN flag_for_review

Covers gap

Dormant account reactivation

Conditions

4 criteria

Step 3

Backtest them

Every new rule is validated against historical data before it goes live — so you know the precision, recall, and false positive rate before deployment

Backtest · 30 day window

0 matches

30d agoToday

Confidence

Precision

94%

Recall

91%

FP Rate

Your existing rules

Backtest your existing rules

Conway runs your current rule set against historical outcomes to show you exactly how each rule is performing — precision, recall, and false positive rates

Existing Rules · Backtest

Running

velocity_check_v3

Pending

Optimal

amount_threshold_lg

Pending

Optimize

geo_mismatch_rule

Pending

Review

new_device_login

Pending

Optimize

Suggest improvements

Where rules underperform, Conway proposes targeted changes to minimize false positives and increase catch rates — without rewriting from scratch

Suggested Improvements

Analyzing

amount_threshold_lg

FP rate

29%11%

new_device_login

FP rate

38%14%

geo_mismatch_rule

Catch rate

79%91%

Explore Conway

Request demo