Is ReliaQuest SOC 2 Type II certified?

Yes, ReliaQuest maintains SOC 2 Type II attestation, which is verified through independent annual audits of the company's security controls, availability, and data-handling practices.

Where is my data stored and does ReliaQuest offer data residency options?

Your original data stays in your environment, meaning your technology remains the source of truth. GreyMatter processes a limited subset of machine log data and retains it for 72 hours for investigations and 30 to 90 days for hunt campaigns, as configured by your team. At-source detection keeps threat identification local to your source technologies, and GreyMatter Transit gives you additional filtering and storage optionality by detecting threats before data reaches your SIEM. You control what gets stored, where, and how much across multi-SIEM and multi-cloud environments.

Does GreyMatter meet GDPR, HIPAA, and PCI-DSS compliance requirements?

Yes, ReliaQuest maintains HIPAA and PCI-DSS compliance. Regarding GDPR, GreyMatter does not process personal data—the platform processes a limited subset of cybersecurity-relevant machine log data. In cases where personal data such as device identifiers or business account usernames may be inadvertently present in customer logs, ReliaQuest works with customers to minimize and pseudonymize that data to the extent practicable.

What is ReliaQuest's data-retention policy?

ReliaQuest does not backup customer data, all original log data remains in your environment and your technology remains the source of truth. Customer log data within GreyMatter is retained for 72 hours for investigations and 30 to 90 days for hunt campaigns, as configured by your team. Portal tickets and alerts are stored for 12 months and then archived for an additional 6 months, for a total of 18 months retention.

Pricing and ROI FAQ

1. How is GreyMatter priced—per endpoint, per user, by data volume, by token usage, or flat fee?

GreyMatter's core platform is priced per endpoint. Additional capabilities are priced based on the scope they cover—mailboxes for phishing analysis, employee count for digital risk protection, and data volume for Transit. GreyMatter pricing is not based on token usage.

2. How does GreyMatter reduce my total cost of security operations?

GreyMatter unifies detection, investigation, and response into a single platform that works with your existing tools—eliminating the cost of maintaining separate SOAR, threat intel, and automation solutions. Combined with reduced SIEM ingestion costs through at-source detection and Transit, and the ability to scale coverage without scaling headcount, customers experience compounding cost reductions across their security operations budget.

3. Can GreyMatter reduce my SIEM ingestion costs and overall security tool spend?

Yes, GreyMatter's at-source and in-transit detection identifies threats before data hits your SIEM, meaning less data needs to be ingested, parsed, and stored. Organizations using GreyMatter save an average of $3.5M annually by reducing SIEM dependency and $900K annually by reducing tool fragmentation.

4. What ROI can I expect with GreyMatter?

According to Forrester, GreyMatter delivers a 224% ROI. ReliaQuest internal data shows that customers typically see $2–$4 back for every $1 spent on GreyMatter.

5. Is there a GreyMatter proof-of-value or trial period?

Yes, ReliaQuest conducts proof-of-value engagements with defined trial periods and success criteria agreed upon with your team before the engagement begins.

One Platform to Unify Your Security Operations

The Agentic AI Security Operations Platform

Pricing and ROI FAQ

Solutions

Platform

Learn

Company