RunReveal

RunReveal

Computer and Network Security

Austin, Texas 815 followers

RunReveal is a security data platform simplifying detection and reducing cost while keeping you in control of your data.

About us

A complete security data platform that simplifies every function of detection while saving you money and keeping you in control of your data.

Industry
Computer and Network Security
Company size
2-10 employees
Headquarters
Austin, Texas
Type
Privately Held
Founded
2023
Specialties
Cloud Security, SIEM, Data Security, Detection as Code, Threat Hunting, Detection and Response, Incident Management, Cloud Security Forensics, Threat Research, Security Information Event Management Software, Next-gen SIEM, and Security Data Platform

Locations

Employees at RunReveal

Updates

  • RunReveal reposted this

    View profile for Alan Braithwaite, graphic

    RunReveal, the simple security data platform

    Tomorrow's the big day! Tomorrow, RunReveal is taking the stage at Oktane for the Startup Competition Finals! 🏆 We’re thrilled to compete against the incredible startups Validia and Block Party in front of an all-star panel of judges from the worlds of cybersecurity and identity: Galina Antova, Nick Galbreath, and Neena Thomas. When: Tomorrow, October 15th Where: Oktane24, Las Vegas Caesar's Forum We’ve worked hard to get here, and we’d love to have your support in the audience or following along online. Don't miss the chance to see what’s next for SaaS identity security! 🚀 Follow our journey and cheer us on! 🙌 #Oktane24 #SaaS #Startups #IdentitySecurity #RunReveal

  • RunReveal reposted this

    View profile for Alan Braithwaite, graphic

    RunReveal, the simple security data platform

    We at RunReveal are absolutely thrilled to be considered as a finalist in Okta's very first Startup Competition! 🎉 https://lnkd.in/gHDhKGcK Alongside the other finalists Validia and Block Party, we'll be going on stage at Oktane on October 15th to present in front of a panel of judges working in the intersection of cybersecurity and identity: Galina Antova, Nick Galbreath and Neena Thomas. Learn more about our journey and follow us to follow along! https://lnkd.in/gJ-N8rM4 We couldn't have done it without our incredibly supportive customers. Thank you!  #Oktane24 #SaaS #Startups #IdentitySecurity Thank you Okta, Eunice Wong, Austin Arensberg, and Jessica (Valdez) Martinez for the awesome opportunity and Brandon Adams for capturing our story so incredibly well!

    Okta Announces Finalists for SaaS Startup Competition to Build Identity Security Applications | Okta

    Okta Announces Finalists for SaaS Startup Competition to Build Identity Security Applications | Okta

    okta.com

  • RunReveal reposted this

    View profile for Alan Braithwaite, graphic

    RunReveal, the simple security data platform

    Friday malware news: The new `perfctl` Linux malware proves that XKCD 272 becomes less relevant every day as Linux becomes more popular! (See comments for reference) `perfctl` is Linux malware that infects systems using weak credentials, common misconfigurations and easy RCEs. It hides and gains persistence using launch services and the `.profile` script, and has been active in the wild for at least 3 years. Discovered by Aqua Security, it includes a rootkit that hooks LD_PRELOAD for persistence and evasion and pcap_loop to evade detection via host network monitoring. This malware highlights the continued importance of network-level monitoring similar to what Harvey does with RunReveal by monitoring flow logs. With RunReveal automatic managed enrichments, the TOR traffic coming from infected boxes would have been caught immediately. Don't underestimate the power of network and flow log monitoring. Malware may be able to escape XDR monitoring on the host, but it continues to be challenging for threat actors to hide network traffic. What do you think? Do you monitor the network for threats? What's the signature you'd pick out of this research to add to your SIEM?

    • No alternative text description for this image
  • RunReveal reposted this

    View profile for Evan J Johnson, graphic

    Cofounder & CEO, RunReveal

    I'm so excited that RunReveal is announcing Automatic Enrichments. We rewrite the log as soon as we receive it to include additional threat intel information, and RunReveal is already enriching over 250,000 logs per second in our pipeline at peak times. The best part is we built our detections, destinations, and all of our other features to be compatible with automatic enrichments. We normalize all logs immediately after we receive them from log sources, enriching them, running them through our detection engine (https://sigmalite.dev), and then storing the results in a storage bucket or a high performance db like ClickHouse so you can threat hunt, correlate, and respond quickly when you need to. This feature being boiled down to a single toggle and searching through over 125,000 IP addresses over 250,000 times per second is mind-blowing and all of the technical details of how that works will be published in a blog in the next week or so! I tend to think there's a lot more automatic enrichments we should build. For example, HRIS integrations to append title/role name to logs so you can easily spot abnormal behavior. It's still early days but this announcement has me really excited about what's possible. Anyways, give it a read. https://lnkd.in/gV9jQHuB

    Introducing Automatic Enrichments. Rewriting logs with the latest threat feed data.

    Introducing Automatic Enrichments. Rewriting logs with the latest threat feed data.

    blog.runreveal.com

  • RunReveal reposted this

    View profile for Alan Braithwaite, graphic

    RunReveal, the simple security data platform

    At RunReveal, we're committed to helping ensure that no breach goes undetected. As part of that, lowering barriers to good tools is critical. That's why we're making Automatic Managed Enrichments for IP threat intelligence available to every customer today, for free. Automatic enrichments augment your security data in real time as it comes in with IP intelligence capabilities to help you identify when low reputation IPs are performing actions against your IT infrastructure. When starting my career, I was deeply inspired by Cloudflare's goal of helping to secure the internet by providing SSL for free to websites. When they started, it was common to see plaintext websites. Now, they're very rare. We're doing the same thing for security data. You shouldn't need a team of experts and specialists maintaining your SIEM, and there shouldn't be minimum contract values to get started with something useful. Huge props to the team for making this possible! We're turning log processing on it's head with our efficiency and execution. Wouldn't be possible without them. Check it out today! Blog in comments.

  • RunReveal reposted this

    View profile for Clint Gibler, graphic

    Sharing the latest cybersecurity research at tldrsec.com | Head of Security Research at Semgrep

    🛠️ Sigmalite: New OSS tool that can run Sigma rules without a SIEM. Designed for stream processing and can be embedded into data pipelines, decoupling detection from data storage. Sigmalite supports real-time streaming detections and allows users to make decisions about log handling (e.g., storage location, forwarding) based on Sigma rule matches. By RunReveal, H/T Evan J Johnson for sharing. https://lnkd.in/g2NgmFPF #cybersecurity

    • No alternative text description for this image
  • RunReveal reposted this

    View organization page for ClickHouse, graphic

    80,574 followers

    We’ve transformed our internal SIEM by combining RunReveal's smart detection with the speed of ClickHouse’s queries. Ditching our Lambda-based log capture has cut complexity, while RunReveal’s SQL-powered detections have dramatically improved response times. Our highlights: 🔄 **Goodbye Custom Lambda Functions!** Previously, adding new data sources meant juggling multiple custom Lambda functions. Now, with RunReveal’s **seamless integration** into ClickHouse, we’ve scrapped all that complexity and replaced it with a singular, abstracted ingestion engine. The result? Lower costs, less engineering complexity, and faster response times. 💡 **Out-of-the-Box Detections** RunReveal offers a library of pre-built detections, which we’ve customized using **ClickHouse SQL**. Writing and automating detections has never been easier, letting us focus on improving security posture rather than building custom pipelines. 💥 **The Result?** - Supercharged detection and response times - Streamlined, scalable data ingestion - Focused on writing detections, not building infrastructure Security doesn’t need to be complicated when you have the right tools. With **ClickHouse + RunReveal**, we’ve revolutionized how we handle security data. 💪 RunReveal https://lnkd.in/dmHnxkU3

    How our security team uses ClickHouse Cloud + RunReveal

    How our security team uses ClickHouse Cloud + RunReveal

    clickhouse.com

  • RunReveal reposted this

    View profile for Tanya Bragin, graphic

    Product @ ClickHouse

    At Confluent Current in Austin next week? Come the Real “Real Time Data Party” with ClickHouse Tues Sept 17 🎉 Hear from RunReveal, Shopmonkey, SolarWinds about their real-time apps built on ClickHouse while relaxing with your peers, and enjoying beers and dinner 🍺🍕

    View organization page for ClickHouse, graphic

    80,574 followers

    Get ready to dive deep into the world of real-time analytics as we gear up for another ClickHouse Meetup! Join us at PeerSpace in Austin on Tuesday, September 17, 2024 from 6 PM to 9 PM. Whether you're an expert or just getting started, this is the perfect opportunity to connect with other developers, exchange ideas, and get insights directly from the group. We've got a packed agenda, hands-on demos, and plenty of networking opportunities. Plus, enjoy some tasty food, refreshing beverages, and great swag! 👉 Spots are limited, so make sure to RSVP soon! https://lnkd.in/ePkYyJ2A

    ClickHouse Meetup - Austin, Tue, Sep 17, 2024, 6:00 PM   | Meetup

    ClickHouse Meetup - Austin, Tue, Sep 17, 2024, 6:00 PM | Meetup

    meetup.com

  • View organization page for RunReveal, graphic

    815 followers

    The releases will continue until security improves! Today RunReveal is releasing Sigmalite, a detection library written in pure Go, to enable streaming detections in RunReveal. "But wait, don't you do SQL detections?" you say. Yes, and now we do both! Speaking with our customers and security teams everywhere it was clear that we need both streaming detections and sql-based detections. SQL detections are great at correlating security signals and events across time, and while you can write a detection looking for individual rows, it's not really the ideal use for SQL detections. So we did some research and decided that Sigma would be a good standard to implement, given its strong community and broadly available detections for popular SaaS stacks. We reached out to Roxy Light to help us write the Sigmalite library which processes the Sigma spec ✨natively✨ in Go (meaning there's no translation layer), and couldn't be happier with the results! Now, you can use Sigma to pull signals and alerts out of your audit logs, then use SQL to correlate those signals across ANY source! 🎉 Check it out today! (Links in comments) With the release of Sigma this week and Enrichments 2 weeks ago, RunReveal is rounding out the most critical features of a security data stack based on the feedback from our customers and our network of expert advisors on hypergrowth security teams. Stay tuned to see what's next! Got feedback? Love it? Hate it? Drop us a line! contact@runreveal.com

    Introducing Sigmalite. RunReveal's open source sigma rule evaluator for detection

    Introducing Sigmalite. RunReveal's open source sigma rule evaluator for detection

    blog.runreveal.com

Similar pages

Funding

RunReveal 1 total round

Last Round

Seed

US$ 2.5M

See more info on crunchbase