Enrichment & Egress
Indicators extracted by the AI investigator, external lookups, and the privacy guardrail that decides what may leave the perimeter.
Indicators today: 1,418
IOCs extracted from alerts after redaction.
Egress allowed: 1,102
External enrichment calls that passed the privacy guardrail.
Blocked — PII: 84
Calls denied because the indicator still contained PII (SSN / loan# / email).
Blocked — breaker: 39
Calls dropped because the provider's circuit-breaker is OPEN; failing closed protects the upstream.
Cache hit rate: 78%
Redis cache hit ratio across all providers (24h TTL).
Redis queue depth: 12
Pending enrichment jobs. Sustained > 100 indicates upstream pressure.
External enrichment providers
Reputation, threat intel, vulnerability and GeoIP services the AI may call. Circuit-breaker fails CLOSED on outage.
Read-only
| Provider | Kind | Calls (24h) | Cache hit | p95 | Status | Breaker |
|---|---|---|---|---|---|---|
| VirusTotal | Reputation | 312 | 71% | 480ms | Healthy | Closed |
| AbuseIPDB | Reputation | 188 | 64% | 220ms | Healthy | Closed |
| NVD CVE | Vulnerability | 44 | 89% | 310ms | Healthy | Closed |
| MaxMind GeoIP | GeoIP | 905 | 96% | 18ms | Healthy | Closed |
| GreyNoise | Threat Intel | 61 | 52% | 720ms | Throttled | Half-open |
| Recorded Future | Threat Intel | 0 | 0% | 0ms | Circuit Open | Open |
Privacy egress guardrail
What the guardrail does before any external enrichment call.
SSN / Loan# / Account# / Email patterns
Regex match against the IOC string. Match = BLOCK. No exceptions.
Borrower names
Name dictionary + initials-only allow-list.
Hash-only mode
Analyst can re-run blocked calls with sha256(IOC) — accepted by VT / AbuseIPDB.
Redis cache + retry/backoff
24h TTL per (provider, indicator). DLQ on permanent failure.
Cache hit rate by provider (24h)
Redis cache hit ratio per provider, hourly. High cache hit = fewer external calls = less PII risk + lower spend.
Indicator decisions — allow / hash-only / block
Per indicator pattern: how the guardrail classifies it and what happens. Hash-only mode lets analysts re-run blocked calls with sha256(IOC).
| Pattern | Class | Allow | Hash | Block |
|---|---|---|---|---|
| Public IP (203.0.113.44) | Non-PII | 482 | 0 | 0 |
| Domain (mega.nz) | Non-PII | 311 | 0 | 0 |
| URL path (/upload?u=…) | Mixed | 188 | 42 | 6 |
| File hash (sha256 9f1c…a2e7) | Non-PII | 254 | 0 | 0 |
| Email address (james.***@gmail.com) | PII | 0 | 91 | 38 |
| Loan # (LN-****-3320) | PII | 0 | 12 | 27 |
| Account # / PAN (ACCT-****-2210) | PII | 0 | 4 | 13 |
| Borrower name (Mitchell, J.) | PII | 0 | 0 | 9 |
PII patterns can NEVER be allowed in cleartext. Hash-only is the supported workaround for reputation lookups.
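As an added illustration of the allow / hash-only / block decision and the fail-closed breaker described above (example code written for this page, not the product's own guardrail), assuming constructed regexes, a constructed name dictionary, and that only VirusTotal and AbuseIPDB accept sha256(IOC) lookups:

```python
import hashlib
import re

# Constructed stand-ins for the guardrail's rule set; the real patterns and
# name dictionary are not on the page, so these are assumptions.
PII_PATTERNS = {
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "Loan#": re.compile(r"\bLN-[\w*]{4}-\d{4}\b"),
    "Account#": re.compile(r"\bACCT-[\w*]{4}-\d{4}\b"),
    "Email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
}
NAME_DICTIONARY = {"mitchell"}                 # constructed borrower surname list
HASH_ACCEPTING = {"VirusTotal", "AbuseIPDB"}   # providers that accept sha256(IOC)


def guard_egress(provider, indicator, breaker="Closed", hash_only=False):
    """Decide whether an indicator may leave the perimeter.

    Returns (action, payload, reason). Fails closed: an OPEN breaker or a
    PII match never results in the cleartext indicator being sent.
    """
    # 1. Provider health first: an OPEN breaker drops the call outright.
    if breaker == "Open":
        return "BLOCKED", None, "Circuit breaker OPEN: provider unreachable, failing closed"

    # 2. Borrower names: a dictionary match is a hard block; hashing a name
    #    gives a reputation service nothing useful, so there is no hash path.
    tokens = {t.strip(".,").lower() for t in indicator.split()}
    if tokens & NAME_DICTIONARY:
        return "BLOCKED", None, "Indicator matched PII rule (Borrower name)"

    # 3. Structured PII patterns: block, unless the analyst re-runs in
    #    hash-only mode against a provider that accepts sha256 lookups.
    for rule, pattern in PII_PATTERNS.items():
        if pattern.search(indicator):
            if hash_only and provider in HASH_ACCEPTING:
                digest = hashlib.sha256(indicator.encode()).hexdigest()
                return "HASH_ONLY", digest, f"PII rule ({rule}) matched; sent as sha256(IOC)"
            return "BLOCKED", None, f"Indicator matched PII rule ({rule}): egress guardrail"

    # 4. Nothing matched: the indicator may be sent as-is.
    return "ALLOWED", indicator, "No PII match"
```

Every return is a logged decision triple, so the same function can feed the "Recent egress decisions" table: the reason string is what the BLOCKED rows show.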
Recent egress decisions
Every external enrichment call by the AI is logged. BLOCKED rows show the rule that triggered.
| Time | Provider | Indicator | Action | Reason | Case |
|---|---|---|---|---|---|
| 2026-06-08 10:30 IST | VirusTotal | mega.nz | ALLOWED | Domain on allow-list; no PII | CASE-2026-0847 |
| 2026-06-08 10:30 IST | AbuseIPDB | 49.36.x.x | ALLOWED | Public IP, octet-redacted before send | CASE-2026-0847 |
| 2026-06-08 10:30 IST | VirusTotal | james.personal@gmail.com | BLOCKED | Indicator matched PII rule (Email) — egress guardrail | CASE-2026-0854 |
| 2026-06-08 10:28 IST | GreyNoise | 203.0.113.44 | ALLOWED | Public IP, no PII | — |
| 2026-06-08 10:25 IST | VirusTotal | LN-****-3320 | BLOCKED | Indicator matched PII rule (Loan#) — egress guardrail | CASE-2026-0854 |
| 2026-06-08 10:21 IST | MaxMind | file.io | CACHED | Cache hit (24h TTL) | CASE-2026-0850 |
| 2026-06-08 10:12 IST | Recorded Future | pastebin.com | BLOCKED | Circuit breaker OPEN — provider unreachable, failing closed | — |
AI output is advisory. Egress guardrail fails closed — when a provider is unreachable or an IOC contains PII, the call is denied and recorded.