High-flying endpoint security vendor SentinelOne plans to spend $155 million to acquire log management startup Scalyr, beefing up a crucial technology piece to drive its ambitions in the enterprise cybersecurity market.
SentinelOne, a late-stage startup jostling for a share of the expanding anti-malware market, expects the Scalyr deal to speed up its push into the lucrative XDR (Extended Detection and Response) category.
“With this acquisition, SentinelOne will be able to ingest, correlate, search, and action data from any source, delivering the industry’s most advanced integrated XDR platform for realtime threat mitigation across the enterprise and cloud,” the company said in a statement.
For Scalyr, which launched in 2011 and raised about $27 million in venture capital funding, the $155 million price tag provides a successful exit for a range of investors, including Shasta Ventures, Susa Ventures and Bloomberg Beta.
Based in San Meteo, Calif., Scalyr was founded by Writely/Google Docs creator Steve Newman. The company sells what it calls “blazing-fast” log management for engineering and operations teams, the kinds of tools that fit perfectly in the EDR/XDR category.
As Microsoft has proven with the success of building out Windows Defender into a full-fledged enterprise security tool with capabilities beyond just malware-detection, competitors and startups are moving fast to add SIEM-like capabilities to traditional endpoint anti-malware tools.
[ ALSO BY RYAN NARAINE: For Microsoft, Security Is a $10B Business ]
SentinelOne said its data services team will continue selling log management, observability, and event data cloud solutions in conjunction with the upcoming Scalyr integration.
SentinelOne founder Tomer Weingarten says the Scalyr transaction provides tools for his company to solve one of the industry’s biggest data challenges for delivering fully integrated XDR capabilities.
“Scalyr’s big data technology is perfect for the use cases of XDR, ingesting terabytes of data across multiple systems and correlating it at machine speed so security professionals have actionable intelligence to autonomously detect, respond, and mitigate threats,” Weingarten said.
He said Scalyr’s cloud-first tech can ingest massive amounts of machine and application data in real time, providing operational tools for defenders to analyze, query, and action data with speed and operational efficiency.
Once the integration is done, SentinelOne plans to position itself as a platform providing autonomous, realtime, and index-free threat analysis and mitigation beyond the endpoint – across the entire enterprise and cloud attack surface. In late 2020, SentinelOne announced raising $267 million in an oversubscribed Series F funding round that brought the total raised by the company to $696.5 million.
Scalyr acts as a realtime data lake for ingesting structured and unstructured data from any technology product or platform – including Microsoft, AWS, Google, CrowdStrike, as well as internal enterprise data sources.
The company says it ingests and stores petabytes of structured and unstructured machine data and is optimized for searching and storing data at low-costs and high speeds. Scalyr counts NBC Universal, CareerBuilder, TomTom, Lacework, Zalando, Tokopedia, and Asana among its customer base.
Related: SentinelOne Raises $267 Million at Valuation Exceeding $3 Billion