SOCs need data as quickly as possible, not as much of it as possible. To further improve the signal-to-noise ratio, CrowdStrike plans to acquire Onum, the leading data pipeline expert.
Stopping an infiltration requires real-time data, according to CrowdStrike. SOCs must eventually be able to activate Falcon Next Gen SIEM with data that has been encrypted as much as possible while in motion.
Trademark
This transformation of data in motion is the core competency of Onum, founded in 2022. It is unique enough for CrowdStrike to be willing to pay more than seven times the amount raised by the start-up: $290 million versus the $40.8 million it had previously raised.
Onum founder Pedro Castillo, who previously founded SIEM provider Devo, emphasizes the company’s vision: “Onum was founded on the belief that pipelines should do more than transport data, they should transform data into real-time intelligence,” This philosophy fits perfectly with CrowdStrike, where the emphasis is on rapid information provision. This includes everything from global threat intelligence to local compromises.
Michael Sentonas, President of CrowdStrike, explains that “stopping breaches requires real-time, high-quality data that fuels faster and smarter decisions.”
Data challenge for security teams
Traditional SIEM systems can no longer keep up with the data flow, according to CrowdStrike, forcing analysts to manually sift through the digital noise. This situation increases the risk that critical threats will go unnoticed.
Onum therefore filters and enriches data before it is forwarded to security tools. According to CrowdStrike, Onum’s technology can deliver five times more events per second than competitors, reduce storage costs by 50 percent, and cut response times by 70 percent.
Autonomous detection as a goal
By integrating Onum into the Falcon platform, CrowdStrike aims to significantly enhance its effectiveness. Onum’s technology will be built directly into the platform. Security teams will be given what they describe as an intuitive drag-and-drop interface to build data pipelines.
Read also: Nvidia and Snowflake figures good, HP stable, CrowdStrike poor