SentinelOne Buys Scalyr For $155M
February 10, 2021
SentinelOne bought Scalyr, a leading cloud-native, cloud-scale data analytics
platform. With this acquisition, SentinelOne will be able to ingest,
correlate, search, and action data from any source, delivering the
industry’s most advanced integrated XDR platform for realtime threat
mitigation across the enterprise and cloud.
Through this acquisition, SentinelOne sets the bar for the XDR
market and solves one of the biggest challenges in delivering a
fully integrated XDR platform: ingesting and actioning all
operational data in realtime from a security-first perspective.
According to Gartner, “building an effective XDR is more challenging
than it might seem. Lack of data collection, common data formats and
APIs, as well as products built on legacy database structures, make
it difficult to integrate security tools even within the same
vendor’s product portfolio.”¹
Born in the cloud, Scalyr’s SaaS platform unlocks the full promise
of XDR. By eliminating data schema requirements from the ingestion
process and index limitations from querying, Scalyr can ingest
massive amounts of machine and application data in real time,
enabling organizations to analyze, query, and action data with
unparalleled speeds and cost-effectiveness. This provides
SentinelOne customers with autonomous, realtime, and index-free
threat analysis and mitigation beyond the endpoint – across the
entire enterprise and cloud attack surface – something not possible
with today’s human-powered and schema-constrained cybersecurity
products.
“Through our acquisition of Scalyr, SentinelOne is solving one of
the industry’s biggest data challenges for delivering fully
integrated XDR capabilities. Scalyr’s big data technology is perfect
for the use cases of XDR, ingesting terabytes of data across
multiple systems and correlating it at machine speed so security
professionals have actionable intelligence to autonomously detect,
respond, and mitigate threats,” said Tomer Weingarten, Co-Founder
and CEO, SentinelOne. “This is a dramatic leap forward for our
industry – while other next-gen products are entirely reliant on
SIEM integrations or OEMs for point-in-time data correlation and
response, SentinelOne uniquely provides customers with proactive
operational insights from a security-first perspective. The
combination of Scalyr’s data analytics with our industry-leading AI
capabilities ushers in a new era of machine-speed prevention,
detection, and response to attacks across the enterprise.”
Realtime Data Ingest & Correlation is the Next-Generation of Detection
With Scalyr as the big data engine powering the Singularity XDR
platform, SentinelOne once again defines autonomous protection.
Scalyr broadens the aperture of data sources, creating a realtime
data lake for ingesting structured and unstructured data from any
technology product or platform – including Microsoft, AWS, Google,
CrowdStrike, and more – as well as internal enterprise data sources.
Diverse XDR data, coupled with SentinelOne’s AI-powered Storyline
technology, automatically connects disparate data into rich stories
and autonomously identifies malicious behaviors, especially
techniques exhibited by advanced persistent threats – including APT
malware like Sunburst.
AI-Powered Automated Response Across the Enterprise Technology Stack
While most EDR products struggle with alert response, often relying
on human services and manual actions, SentinelOne pioneered
AI-powered automated response capabilities including threat
mitigation, remediation, and ransomware rollback – each delivered
without any human effort. XDR extends these capabilities beyond
cybersecurity use cases by providing response actions on
applications and services such as Okta, Netskope, Recorded Future,
ServiceNow, Splunk, Zendesk, Slack, and more.
“This strategic acquisition accelerates SentinelOne’s unrivaled
product innovation while maintaining a sustainable growth model.
Scalyr’s technology solves one of the biggest operational challenges
vendors face – balancing the cost structure of ingesting and storing
massive amounts of data,” said Nicholas Warner, COO, SentinelOne.
“Delivering the industry’s most advanced and integrated XDR platform
bolsters our hypergrowth path while building a long-term,
sustainable business that delivers value to customers and
shareholders.”
Founded by the creator of Google Docs, Steve Newman, Scalyr created
the industry’s first cloud-native, cloud-scale data analytics
platform for log management and observability. Scalyr ingests and
stores petabytes of structured and unstructured machine data and is
optimized for high-cardinality, high-dimensionality data: searching
and storing data at low cost and high speeds. Scalyr is used by
leading brands like NBC Universal, CareerBuilder, TomTom, Lacework,
Zalando, Tokopedia, and Asana to manage their large-scale data
operations.
“We built Scalyr to solve critical data challenges for a cloud-first
world,” said Newman, Co-Founder and Chairman, Scalyr. “I’m excited
for the Scalyr team to become part of SentinelOne and solve one of
the world’s most pressing big data problems – cybersecurity.”
“The security and data analytics industries are uniquely related,
and this acquisition provides SentinelOne the opportunity to set the
agenda as the XDR category leader,” said Christine Heckart, CEO,
Scalyr. “Scalyr’s current customers will benefit from expanded
investment, and SentinelOne’s customers will enjoy Scalyr’s big data
capabilities within the Singularity platform.”
Under the terms of the agreement, SentinelOne is acquiring Scalyr
for $155 million in equity and cash. The acquisition is expected to
close during SentinelOne’s first quarter, subject to customary
closing conditions. SentinelOne’s data services team will continue
offering log management, observability, and event data cloud
solutions in conjunction with integrating Scalyr.