Row vs Column-Oriented Databases | SentinelOne

My Thoughts: Securing the Enterprise’s Most Valuable Asset

2020 exposed the cybersecurity industry’s fundamental data problem – while cybersecurity solutions are put into place to protect data, their own inability to seamlessly ingest and action data from across the enterprise hinders realtime protection and response to damaging cyber attacks.

Organizations accelerated digital transformation plans to support remote workforces, driving the rapid adoption of cloud technologies. The result has been a massive growth in the amount of data organizations generate, process, and collect from myriad data sources. This has created new vulnerabilities and increased opportunity for targeted attacks that exploit security professionals’ limited visibility across complex cloud and distributed environments.

Today’s organizations require the ability to autonomously secure all enterprise data – security related or not. We’re taking a major step forward in allowing this by announcing the acquisition of Scalyr, a leading cloud-native, cloud-scale data analytics platform. The acquisition of Scalyr allows us to unlock the full potential of XDR and solve cybersecurity’s greatest data problems.

The Data Challenges of Fully Integrated XDR

XDR – the next generation of EDR – promises to go beyond endpoint devices, providing enterprises with a holistic, automated approach for securing today’s dynamic threat landscape. However, the promise of XDR has been constrained by the challenges that organizations face in ingesting, indexing, compressing, and performing analytics on data in a cost-effective manner. Look at today’s vendors; few are able to effectively operationalize XDR for the enterprise.

According to Gartner, “building an effective XDR is more challenging than it might seem. Lack of data collection, common data formats and APIs, as well as products built on legacy database structures, make it difficult to integrate security tools even within the same vendor’s product portfolio”.1

For many human-powered, data-schema-constrained cybersecurity products on the market, this data challenge is insurmountable. Many of the next-gen EDR offerings that we are often compared against are completely reliant on SIEM integrations or OEMs for point-in-time data correlation. This requires data to be indexed, introducing pipeline latency issues and limiting the ability to mitigate threats in real time, in addition to exorbitant search and storage costs. Streaming, realtime data, searches, and correlation are but a dream for peer vendors.

SentinelOne Delivers Fully Integrated XDR Through Scalyr

Scalyr’s SaaS platform overcomes these challenges and unlocks the full promise of XDR by allowing organizations to seamlessly ingest any data from any source and automate any action. By providing a realtime data lake and eliminating data schema requirements from the ingestion process and index limitations from querying, Scalyr can:

  • Ingest petabytes of structured, unstructured, and semi-structured data in real time from any technology product or platform
  • Take action against any data in real time
  • Assign policy, mitigate threats, and define action for every rule in an automated fashion
  • Allow organizations to rapidly analyze, query, and action data at an effective cost

All of these factors were integral in selecting Scalyr to advance the unrivaled innovation delivered by SentinelOne’s automated response capabilities and AI-powered Storyline technology. Along with diverse XDR data, customers can automatically connect disparate data into rich stories and identify and take action against malicious behaviors, especially techniques exhibited by advanced persistent threats – including APT malware like Sunburst.

Our customers can extend automated response capabilities including threat mitigation, remediation, and ransomware rollback across the entire enterprise technology stack, to services and applications like Okta, ServiceNow, Slack, and more – all without human intervention.

Company Impact

Founded by the creator of Google Docs, Steve Newman, Scalyr created the industry’s first cloud-native, cloud-scale data analytics platform for log management and observability. Global brands including NBC Universal, CareerBuilder, TomTom, Lacework, Zalando, Tokopedia, and Asana use Scalyr to manage their large scale data operations. We are dedicated to continued investment in Scalyr’s solutions post-acquisition, supporting customers and evolving the platform.

Having this level of proprietary technology is a major acceleration of our efforts in bringing the industry’s most advanced AI-powered security to the entire enterprise. It also positions us to shape the ongoing convergence of cybersecurity and big data.

Few companies develop their own data stores, and technology such as Scalyr’s cannot be built overnight. We developed the foundation to house and take action against all enterprise data with the Singularity XDR platform, and Scalyr provides a rapid and exciting path to realize our vision. The acquisition also allows us to overcome the challenge vendors face in balancing the cost structure of ingesting and storing massive amounts of data. We’re able to deliver greater value to customers while strengthening our business model and increasing shareholder value. And, after surveying the space, we’re able to complete this transformational acquisition with the very best technology and team to align with our vision and with a shared set of values, principles, and integrity.

Today marks a new chapter in our company journey and positions us for continued hypergrowth and long-term success. I invite you to join us on the journey – whether that be replacing antivirus, replacing your next-gen endpoint technology, or looking for a home to take your career to new heights. Our company is a place dedicated to the success of our customers, to innovation, and to creating an environment for our team members to do their life’s best work. Take a few moments to engage with us and see how we’re taking cybersecurity to places not ventured before.

Tomer