
Introduction

The scenarios functionality is one of the most powerful and unique capabilities of Contextal Platform, allowing users to define and automate advanced actions based on the characteristics of the data being analyzed. Scenarios are written in the platform's custom language, ContexQL, and are highly flexible, enabling users to define complex logic and relationships across data.

With scenarios, you can:

  • detect and respond to security threats based on specific patterns, behaviors, or metadata extracted from objects
  • trigger actions such as BLOCK, ALLOW, QUARANTINE, ALERT, or other custom-defined responses when certain conditions are met
  • operate not only in the context of the local data, but take into account other data recently processed by the platform (global context)
  • turn Contextal Platform into a data firewall by allowing only specific data to pass through, enforcing strict governance and maximum security in mission-critical applications
  • chain signature detections across multiple objects and relationships: a scenario can trigger when patterns are detected in related objects, or when multiple conditions are satisfied across different data points (see Malware Scanning)

Contextal Platform enhances the effectiveness of scenarios by integrating them deeply into the data flow. It performs real-time contextual analysis of each object and builds relation graphs that scenarios then use. This allows advanced queries to be applied not only within individual objects but also across a network of related entities. Check out the Scenarios Examples section for interesting and creative examples of various types of scenarios.