There are two algorithms in use today in BlueCat products. Both of these algorithms are focused on the detection of potential security events and work by assessing DNS query and response data from individual customers to identify these issues. The two algorithms differ in complexity, where, and how they are applied