IncidentFox and BitSentry both use AI to investigate incidents and find root cause. If you’ve been looking at AI SRE tools, you’ve probably seen both. They solve the same core problem (the 30-45 minutes between “alert fired” and “found the cause”) but the architecture is different enough that they suit different teams.
What IncidentFox does
IncidentFox is a Slack-native AI incident investigator. When an alert fires, it auto-investigates in a Slack thread: querying logs, checking pod status, correlating deployments. You interact with it by typing in Slack. It generates fix scripts that you approve before they run.
The setup angle is interesting. IncidentFox claims to auto-learn your stack without manual configuration. You connect it and it figures out your integrations. They support 40+ tools (Datadog, AWS, Kubernetes, GitHub, PagerDuty, Prometheus, Grafana, etc.).
They’re backed by Y Combinator (W26), founded by ex-Meta and ex-Roblox engineers, and have an open core model with a self-hosting option.
What we built
We sell two separate products. SuperTerminal is a macOS desktop app for on-call engineers who want to investigate incidents manually with AI assistance. It SSHes into your servers, runs diagnostic commands, and the AI reads each step’s output. It runs on your machine, nothing goes through our infrastructure.
The BitSentry Dashboard is a separate web product with a 24/7 background worker. It ingests logs from Sentry, Wazuh, and other sources, investigates anomalies automatically, and queues root causes before anyone gets paged. Different product, different use case.
Where they differ
| IncidentFox | BitSentry | |
|---|---|---|
| Interface | Slack threads | Desktop app (SuperTerminal) + Web dashboard |
| Server access | Cloud-based, queries your tools via API | SSH from your machine (SuperTerminal) or your deployment (Dashboard) |
| AI model | IncidentFox’s hosted model | Bring your own (6 providers, your API keys) |
| Data path | Your data goes through IncidentFox servers | SuperTerminal: nothing through BitSentry. Dashboard: your deployment. |
| Setup | Auto-learns stack, minimal config | Uses existing SSH config, ~5 min setup |
| Remediation | Fix scripts with approval gates | Runbook execution with AI interpretation |
| Kubernetes focus | Strong (pod status, deployments) | Weaker (SSH-based, not k8s-native) |
| Background monitoring | No (reactive to alerts) | Yes (Dashboard worker runs 24/7) |
| Pricing | Not public (pilot program) | $7,200/year Pro, free beta for SuperTerminal |
When IncidentFox makes more sense
IncidentFox is a better fit if your team lives in Slack and you want investigations to happen where conversations already are. The Slack-native approach means zero context switching for teams that manage incidents in Slack channels.
It’s also stronger for Kubernetes-heavy environments. Checking pod status, correlating deployments, querying Prometheus, these are first-class features. If your infrastructure is mostly containers on k8s, IncidentFox speaks that language natively.
The auto-integration setup is genuinely appealing if you have a complex stack and don’t want to spend time configuring connections manually.
When our tools make more sense
SuperTerminal is the better fit if your production logs can’t leave your network. The local-first architecture means your SSH credentials, server logs, and AI conversations never touch a third-party server. For teams with strict data residency requirements or regulated infrastructure, this isn’t a nice-to-have.
It’s also better if you want to pick your own AI model. IncidentFox uses their own model. We let you use OpenAI, Anthropic, Groq, Gemini, or others with your own API keys. If you already have an enterprise agreement with one provider, that matters.
The 24/7 background worker on the Dashboard is something IncidentFox doesn’t have. IncidentFox reacts to alerts. The Dashboard catches anomalies proactively, before they page anyone.
And if your infrastructure is mostly traditional servers (VMs, bare metal, non-containerized services), our SSH-based approach works everywhere. IncidentFox’s strength with Kubernetes becomes less relevant if you’re running RHEL boxes.
Both are early stage
Worth noting: both products are early. IncidentFox is accepting pilot partners. SuperTerminal is in free beta, and the Dashboard is coming soon. Neither has the enterprise track record of a PagerDuty or Datadog. If you need production-hardened tooling today, neither is the safe choice. If you’re willing to try something new to cut investigation time, both are worth evaluating.
Try SuperTerminal
Free while in beta. Uses your SSH config and your own AI keys. Set it up in 5 minutes.