tirreno receives real-time user event data from your applications through API calls.

User context and proprietary API enrich data, transforming it into actionable intelligence.

The rule engine processes data to identify positive signals, red flags, and regularities to re-evaluate user risk score.

Flagged accounts sent for manual review. Accounts with the lowest scores may be automatically suspended to prevent further access to your app.

‐ User ID

‐ Event type

‐ Time stamp

‐ User agent

‐ IP address

‐ Requested URI

‐ Field history

‐ User activity metrics

‐ Behavioural data

‐ Device model

‐ Operating system

‐ IP geolocation

‐ VPN/Datacenter detection

‐ ASN information

ⓘ Account takeover

ⓘ Brute-force attack

ⓘ Non-human identities abuse

ⓘ Compromised accounts

ⓘ Account sharing

ⓘ Insider threats

ⓘ Dormant accounts

ⓘ Content abuse

ⓘ Your custom rules

↳ Manual review

↳ Blacklist