How our security team uses ClickHouse Cloud + RunReveal

ClickHouse is a robust enterprise security program that involves systematic collection, storage, and analysis of log data from various systems, applications, and devices within an organization's IT environment. Choosing ClickHouse as the underlying technology for security information and event management (SIEM) was an obvious choice due to its ability to support any data format from any source, provide alerts and visualizations through the official ClickHouse Grafana Plugin, and effectively compress logs while preserving fast query access times. RunReveal is a security data platform designed to collect raw logs from SaaS and Cloud Services, ingest them into ClickHouse Cloud, and automatically detect anomalies and compromises in an organization's environment. It simplifies the process of adding new data sources, integrates tightly with log providers, and allows users to view and edit SQL queries that make up detections. The security applications of ClickHouse have become crucial components of organizations' security programs, enabling quick and efficient responses to security incidents.