A high-performance streaming and decision engine that ingests, processes, and acts on data the moment it happens — built on Kafka and Flink, abstracted so business analysts can ship rules without writing a line of code.
Digital banking fraud in South Africa is accelerating. Detection windows measured in hours don't work anymore — the loss has already happened. Stream Crunch is purpose-built for the millisecond gap.
Insights arrive hours or days after the event. By then, the damage is done — fraud has cleared, the customer has churned, the SLA has slipped.
Building real-time pipelines requires deep Kafka and Flink expertise — and months of engineering before the first rule fires in production.
Changing rules or models means code changes, testing cycles, and redeployments. By the time you ship, the fraud pattern has already shifted.
Connect to any event source. Process thousands of events per second with guaranteed delivery semantics.
Apply rules, ML models, and aggregations on each event in-flight with stateful stream processing.
Trigger automated actions, alerts, and workflows the moment a pattern is detected. No human delay.
Build aggregations, rules, and streams without writing Kafka or Flink code. Business analysts ship logic; engineers focus on platform.
→ self-serviceConfiguration changes apply live, with zero downtime or restarts. Tweak a rule, save, watch it fire on the next event.
→ live configBuilt-in fault tolerance with automatic recovery and exactly-once delivery. Flink savepoints. RocksDB-backed state. No data loss on failure.
→ exactly-onceSix capabilities that separate Stream Crunch from a rolled-your-own Kafka/Flink stack — and from off-the-shelf tools that can't keep up with sub-second windows.
Events processed in under 500 ms end-to-end, from ingestion to action. Measured P95, not vendor-speak.
Create, test, and deploy rules without code. Changes apply in real-time. No restarts. No deployment freeze.
Build windowed aggregations and computed fields through a self-service UI — counts, sums, averages, anything.
Tumbling, sliding, and session windows per aggregation. Dynamically adjustable as the threat model evolves.
Per-user state maintained in RocksDB with Flink checkpointing for fault tolerance. Memory-optimised for high cardinality.
Automated alerts, blocks, and workflow triggers the moment conditions are met. Sink to any topic, any system.
Kafka topics with AVRO serialisation
Extracted source fields for processing
Aggregations and transformations
Boolean and math operators on fields
Results to one or more output topics
Create and update topics with AVRO serialisation. Consumer groups managed automatically.
Stateful stream processing with exactly-once semantics. Checkpointing for fault tolerance.
Aggregation and stream configuration applied in real-time. No Flink job restarts required.
RocksDB-backed state with automatic compaction. Memory-optimised for high cardinality.
Full recoverability using Flink savepoints and checkpoints. Zero data loss on failures.
System metrics, processing lag, throughput monitoring, and alerting built in.
Platform-specific streams associated with a Kafka topic and schema. Each stream contains configured basic and computed fields. Streams are the entry point for all processing.
Source fields extracted from incoming event data. The raw inputs used to build computed fields, apply filters, and feed into rules. Defined per stream.
Aggregated values derived from basic fields using configurable windows. Apply filters, transformations, and mathematical operations. Updated continuously as events arrive.
Trigger conditions built using complex Boolean and Math operators on both basic and computed fields. When conditions are met, actions fire immediately. No code required.
Transaction, login, or any business event lands in a configured source stream.
// t+0 msThe platform deserialises the AVRO payload and extracts configured source fields.
// t+~12 msWindowed aggregations run: counts, sums, averages over configurable time windows. State pulled from RocksDB.
// t+~80 msBoolean and math expressions fire against basic + computed field values. Multiple rules run in parallel.
// t+~210 msMatched rules publish events to sink topics for downstream consumption — block, alert, step-up auth, anything.
// t+~412 ms · doneIdentify suspicious activity in real time. Trigger instant holds, alerts, and step-up authentication before losses occur. Detection windows shrink from hours to milliseconds.
Track system and business events continuously. Detect anomalies, SLA breaches, and performance issues as they happen.
Personalise experiences instantly based on live user behaviour, session patterns, and interaction signals.
Monitor transactions against regulatory rules and thresholds. Real-time FICA, sanctions, and PEP screening — at the moment of transaction, not the morning after.
Apply transformations and lookups on streaming data to power downstream processes with richer context. Replace overnight ETL with continuous flow.
Drive workflow automation from live event patterns. Replace polling and batch jobs with event-driven triggers that fire on the signal, not the schedule.
30-minute walkthrough. We map your event sources, scope a real-time use case, and show you how fast a first rule can ship in production. No slideware — a working demo.