RunReveal Detections is a security log analysis platform that monitors, normalizes, and enriches log data for security operations. The platform enables security teams to write detections using SQL with version control capabilities, allowing detections to be managed as code alongside other infrastructure components. The platform provides an integrated environment for developing, testing, and deploying detections. Users can validate code format, determine noise levels, and deploy detections to production environments. RunReveal supports Sigma detection rules with real-time streaming capabilities in the event pipeline. The platform includes AI-powered investigation capabilities through a native Model Context Protocol (MCP) Server. This enables context-aware AI chat for incident resolution, natural language detection management, and the ability to audit and create detections. Users can integrate their own large language models through Claude, ChatGPT, or Cursor. RunReveal processes security logs from cloud infrastructure, cloud accounts, and API keys. The platform automatically prepares log data for querying, search operations, and security investigations. The detection system monitors for anomalies across connected infrastructure and provides visibility into security events.