Our Story


How We Got Here

After building and running SIEM environments for Fortune 500 companies on many different platforms, our founders believed they could take those lessons learned, write their own solution based on proven use cases that had shown value over time, and provide it as a service, all at a price point that would be extremely competitive.

Fundamentally, we believe SIEM is more of a continuum: a process of continually tweaking scoring and adding use cases over time to continue to provide meaningful value. This is why most SIEM solutions decline in value over time and end up being replaced. Offering booli as a service ensures it will always be relevant, yet flexible enough to grow as an organization grows.

What Our Customers Say

“Today we have manual playbooks and booli is automating these things that we are doing manually today.  They are telling us the 15 things that can be done today, in three months and in six months.”

“Because booli.ai was born in the cloud and 100% cloud-native, we have nobody on the team dedicated to SIEM today.  We no longer need to manage massive infrastructure to scale.  At one point I had four security staff members dedicated to SIEM.  Now my team assists with integration points and the SOC is dedicated to monitoring as we shift to a single pane of glass versus multiple tools and playbooks.”

“It’s one thing to ingest data.  It’s another to get the right logs ingested and parsed focusing on the highest value logs for immediate implementation.  We initially had DNS in Phase III but it really needed to be in Phase I.  booli helped us prioritize and not miss anything.  AD has one thousand different types of logs – some are chatty and low value.  booli worked with us to develop a strategic logging document prioritizing the exact logs and event numbers.  Not only did this allow us to get immediate high value but we were able to accurately gauge infrastructure load as logging is turned up over time.  With this we were able to get buy-in from the infrastructure team with no pushback.”

“booli.ai’s security team is staffed by hardworking quality engineers who want to succeed.”

“With other managed service providers my chances of speaking with an engineer were near zero and I’d be passed from customer support to one person to another.”

“What impresses me with booli.ai is the level of direct access that I have to engineers, operations personnel, and product management – people who have been sitting in my engineering seat who take quick action to affect positive change.”

“With booli.ai’s XDR we are able to integrate 80 applications in six months.  Historically I’ve never seen more than 30 done in four years.”

“A massive differentiator for us is booli.ai’s AD integration points.  They helped us prioritize and not miss any critical integrations.  Initially we had DNS in Phase III and it really belonged in Phase I.”

“booli.ai has been identity focused since day one.  Their identity stitching provides immediate context resulting in high value quality events where historically we’ve had to reverse engineer who was behind the events.  I’ve seen no other providers even talking about this.”

“Pre-booli we had 70 runbooks covering his team monitoring several consoles.  We no longer need to watch and respond to 20 different alerting systems.”

“We’ve acquired six different companies, but the security organization has not grown to scale, and I cannot continue to grow the security team.  booli.ai provides efficiency in a central console that we don’t need to manage, providing high quality alarms with the right context that we need to make quick decisions.”

“With a SIEM industry that is somewhat commoditized, what you bolt on now to make people’s lives easier is key.  This includes adopting new sources that are constantly changing and integrating them quickly.”

“With booli I am able to scale my team to be more efficient – spending time on high quality alarms which is directly related to the soundness of booli’s program.”