They’re fast and responsive when you request new data sources, especially if you run into a rarely used product they don’t already have a source for. Pricing is great, the UI is clean, and it’s easy to find what you’re looking for. With the help of various AI models, investigations feel like a trivial endeavor. On the model side, they fully support the major providers, and you can run your own Bedrock models or just use their Bedrock models. The founders all come from a security-focused background, and they’ve built a simple product that addresses the limitations of other bloated SIEMs. Adding sources is easy and intuitive, and for the ones that require a little extra care and feeding, the documentation is there.

RunReveal is extremely simple to configure and use on a day-to-day basis compared to its peers. Streamlined log ingestion and thoughtful AI implementation allows me to focus my time on hunting threats and moving the security needle in a meaningful way.

First is that RunReveal can store all your data so much more efficiently than splunk so we have more data in our SIM for analysis. A close follow up to that is their incredible in integrations with AI to not only make investigations easier, but also automated.