Can you build a fully functional, high-scale SIEM in just two weeks for under $7,000?
In this episode of the Cloud Security Podcast, hosts Tim Peacock and Kyle Champlin sit down with long-time collaborator Dan Lucier, Founder of Nano, to unpack how he "vibe-coded" an entire SIEM from scratch during his end-of-year holiday break.
Dan shares his journey of leveraging bleeding-edge AI code assistants to go from a Postgres prototype to a blazing-fast, production-ready SIEM built on Rust and ClickHouse.
In this episode, we cover:
🛠️ The $7,000 Stack: How Dan utilized Claude Code and Kubernetes to build a lean platform running on 2 vCPUs and 4GB RAM while ingesting 10–20 GB of data daily.
⚡ Why ClickHouse? The database architectural decisions behind maintaining sub-second search speeds at massive scale.
🤖 AI-Pilled but Cautious: Why Dan takes a surprisingly conservative approach to AI case closure and triage (and how it compares to Google's Triage and Investigation Agent).
💻 Detection as Code: How MCP (Model Context Protocol) servers and AI are leveling the playing field for smaller security teams.
Whether you're an AI enthusiast, a data nerd, or a security leader looking at the "fourth wave" of SIEM, this episode is a masterclass in modern, rapid-fire software engineering.
👉 Subscribe, leave a review, and join the debate on our LinkedIn page!