CrowdStrike CTO Michael Sentonas Shares Insights on Humio
This blog was originally published June 28, 2021 on humio.com. Humio is a CrowdStrike Company.
I recently had the pleasure of speaking with CrowdStrike CTO Michael Sentonas for Episode 47 of our The Hoot podcast series. Michael has 20+ years of cybersecurity experience and played a lead role in the Humio acquisition so it was great to get his take on why CrowdStrike acquired Humio and how the acquisition will help customers. Michael also shared some of his thoughts on the latest security trends, current chip shortage and news of the day.
Why CrowdStrike Pursued a Log Management Solution
It turns out log management has been on CrowdStrike’s radar for quite some time. CrowdStrike offers various breach services to help customers identify and resolve security incidents. But investigating and isolating threats can sometimes be a challenge. Many customers don’t maintain detailed telemetry data, so CrowdStrike engineers often lack the full information needed to pinpoint issues. The reason? Conventional log management solutions are notoriously resource-intensive and expensive. Many customers simply can’t afford to gather and retain log data from all their networking gear, security products, and IT systems. Many end up disabling, aging out, or optimizing log records to conserve storage, leaving security engineers with insufficient data to work with.
Why CrowdStrike Chose Humio
When talking to customers about log management challenges, one solution kept coming up over and over again—Humio. CrowdStrike customers were impressed with Humio’s uniquely modern approach to log management and its features, speed, and usability as well as the platform’s ability to deliver on roadmap commitments. Michael had been keeping an eye on Humio for a while, was impressed that Gartner had recently named Humio a Cool Vendor in Performance Analysis, and thought the company would be a natural fit for CrowdStrike.
As he explained in the podcast: “To me, it was an incredibly powerful opportunity to bring Humio into CrowdStrike, to start to really deliver an enterprise-grade solution to address the challenge of – how do you take massive volumes of events and log data? How do you take a massive amount of unstructured data? And then how do you analyze it and build something that allows our customers to act on that data? To be able to do it at scale, and to do it in a way that that is affordable for their organization.”
With Humio, customers no longer need to make difficult choices about which data to log, and how long to retain it. By logging everything, Humio customers gain the complete set of data needed to detect and respond to any incident.
CrowdStrike and Humio: Better Together
Together, CrowdStrike and Humio will help customers realize the true promise of XDR (eXtended Detection and Response) by transforming massive volumes of raw metadata into meaningful, contextual insights. Michael summed up the opportunity saying “If I look at CrowdStrike, we’ve spent pretty much the last decade building upon rich endpoint data. And we’ve been pulling together asset information, identity information, we’ve been getting network visibility through our sensor, we’re pulling together data from every workload, regardless of where it is. If we then start to think forward about a scenario where we combine Humio as a data ingestion and analysis engine, and we start to bring together what CrowdStrike has, with any data from any device from anywhere—being able to do it at scale. This is something that will be very, transformative. And I think we’ve got a real opportunity to disrupt a lot of markets.”
Please tune in to the podcast to hear to my entire conversation with Michael. He shares his thoughts on a variety of topics including President Biden’s Executive Order on cybersecurity, recent ransomware attacks making the news, and some of the challenges COVID-19 posed for IT security teams. And be sure to visit our podcast page to catch up on other The Hoot episodes.