Introduction

What is RunReveal?

RunReveal is a data detection platform designed to make detection simple. We've rethought the existing SIEM category from the ground up so we can instantly take any company's security data and logs and turn them into insights, and provide the tools to build your own detailed detections, integrations, etc.

How does RunReveal Work?

There are quite a few components that make RunReveal tick.

  • Sources - RunReveal orchestrates and manages the collection of logs from the security tools and business tools that you use via APIs, Webhooks, direct integrations, and object storage.
  • Data storage and log search - We provide tools to store your logs, search your logs, schedule detections, and easily investigate what's going on in your environment.
  • Destinations - Object storage and managed services for backing up and using your data in other third party services. We collect the data from different cloud services and save your data to object storage for a rainy day.
  • Alerting - We integrate with the tools you want to send alerts to, and by default send all of your alerts to your email.
  • Reports - Insights we forward to you on a daily basis about what's happening in your environment. These are queries we've written.

The secret sauce

What's the secret sauce that RunReveal has that no other company has?

  • We work with companies of any size, whether 1 person or 100,000. All companies deserve to have the tools they need to detect compromises.
  • We're built on an open-source database so you can own your own data instead of renting it while using the most advanced database technology.
  • We are making every part of our platform customizable, but keeping the experience dead simple. By running on an open-source database, customers can customize log formats, visualization tools, enrichment capabilities, etc. But out of the box we provide a fully batteries-included experience.
  • Efficiency. RunReveal is able to provide a faster and more performant experience than any other platform, and this enables us to provide simple transparent pricing that beats the competition.

Integrations with RunReveal

RunReveal provides APIs, a CLI, and direct integrations with the platform.

  • Detection as code - We support detection-as-code workflows via GitHub functions or API.
  • Dashboarding and visualization tools - RunReveal has a direct integration with Grafana, can be used with Jupyter notebooks, and using our API we can support any specialty integrations you need.
  • SOAR - RunReveal supports SOAR platforms to automate response, investigation, or any other part of the detection and response process.