Business rules define business procedures and policies. Normally, every business application contains many embedded business rules to determine what the workflow looks like.
Examples may include:
- If an order value is > $500 then send it for analysis to fraud engine.
- If the promotion code is VIP20, then apply the discount code of 20%.
- If the CPU is running hot above 80%, then trigger an email to a systems administrator.
- If you have several XSS vulnerabilities in your source code, then email a link to a user to OWASP secure coding manual.
The problem is that these rules may change quite frequently. Every time business users change their mind, the developers need to rush to change their (Java or other language) source code, recompile it, and redeploy to production servers. The process becomes pretty inefficient.
In rules engine, the rules are isolated to a separate configuration file and the program doesn't need to be recompiled to consume the changes. Many of these changes come with convenient GUI interfaces to modify the rules. I've compiled a table comparing the engines to one another: