{"podcast":{"title":"Open Source Startup Podcast","slug":"open-source-startup-podcast","podcast_index_feed_id":3501865,"rss_url":"https://anchor.fm/s/3eab794c/podcast/rss","website_url":"https://oss-startup-podcast.launchnotes.io","image_url":"https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/10414251/10414251-1718504092058-1eb78ce29b28a.jpg","author":"Robby (MTF); Tim (Essence VC)","episode_count":194,"summary":"The leading podcast on how to build a successful open source company. Learn from the founders of HashiCorp, Chronosphere, Vercel, MongoDB, DBT, mobile.dev and more!","last_synced_at":null,"page_url":"https://stenobird.com/podcast/open-source-startup-podcast"},"episode":{"title":"E177: RunReveal's Anti SIEM SIEM Platform (With AI That Actually Works!)","slug":"e177-runreveal-s-anti-siem-siem-platform-with-ai-that-actually-works","published_at":"2025-07-08T19:05:18+00:00","page_url":"https://stenobird.com/podcast/open-source-startup-podcast/e177-runreveal-s-anti-siem-siem-platform-with-ai-that-actually-works","show_page_url":"https://stenobird.com/podcast/open-source-startup-podcast","url":"https://podcasters.spotify.com/pod/show/ossstartuppodcast/episodes/E177-RunReveals-Anti-SIEM-SIEM-Platform-With-AI-That-Actually-Works-e359h8k","audio_url":"https://anchor.fm/s/3eab794c/podcast/play/105218772/https%3A%2F%2Fd3ctxlq1ktw2nl.cloudfront.net%2Fstaging%2F2025-6-8%2Ff4c6d97f-ebc9-d20b-20fa-ab82a004d21d.mp3","summary":"RunReveal is challenging the 'walled garden' SIEM model by providing a high-performance security data platform built on ClickHouse. The discussion explores how decoupling security data from proprietary vendors enables AI-driven investigations and more efficient data management.","meta_description":"Explore how RunReveal uses ClickHouse and open-source libraries to disrupt the SIEM market with AI-powered security investigations and real-time monitorin…","key_points":["Main idea: Traditional SIEMs create expensive, proprietary data silos that prevent security teams from effectively utilizing their own logs","Practical takeaway: Using an open-source event processing library like Kawa allows for scalable, high-volume event processing as an alternative to Flink or Spark","Failure mode: Relying on proprietary collectors for endpoint security can hinder the ability to audit, extend, or modify critical infrastructure","Main idea: The Model Context Protocol (MCP) is a critical bridge for enabling LLMs to perform automated security investigations using standardized data schemas","Spicy take: The risks of data exposure to third-party LLMs will likely trigger a massive industry shift back toward on-premises and self-hosted infrastructure"],"chapters":[{"start_ms":60000,"title":"Founding Story","summary":"The transition from building honeypots at Cloudflare to identifying a massive gap in the security data market."},{"start_ms":255000,"title":"The Problem with Walled Gardens","summary":"How proprietary SIEM architectures lead to massive ingestion costs and data inaccessibility."},{"start_ms":1045000,"title":"Open Source Strategy","summary":"Balancing SaaS product growth with community trust through open-source projects like Kawa and RevealD."},{"start_ms":1425000,"title":"AI-Powered Investigations","summary":"Leveraging standardized schemas and the Model Context Protocol (MCP) to automate security workflows."},{"start_ms":2210000,"title":"Technical Learnings & Future Trends","summary":"Reflections on early technical decisions and the predicted resurgence of on-prem deployments due to AI privacy concerns."}],"topics":["Security Information and Event Management","ClickHouse","Open Source Software","Artificial Intelligence","Model Context Protocol","Data Engineering","Cybersecurity Automation","Event Stream Processing"],"duration_seconds":2613,"processing_state":"processed","actions":[{"name":"request_transcript","method":"POST","url":"https://stenobird.com/v1/public/podcasts/open-source-startup-podcast/episodes/e177-runreveal-s-anti-siem-siem-platform-with-ai-that-actually-works/transcription-requests","description":"Idempotently request low-priority transcript generation for this episode."},{"name":"read_markdown","method":"GET","url":"https://stenobird.com/podcast/open-source-startup-podcast/e177-runreveal-s-anti-siem-siem-platform-with-ai-that-actually-works.md","description":"Read the agent-friendly Markdown representation of this episode resource."}]}}