AuthorS
Announcements
Apr 17

Anvilogic Milestone: Multi-Data Platform SIEM

AuthorS
We are in the midst of an accelerated cycle in cybersecurity, where data has become a foundational pillar of modern enterprises. As organizations grapple with an ever-increasing amount of data from diverse sources, traditional security information and event management (SIEM) systems struggle to keep up with current data volumes and velocity.

When we first met Karthik and Deb, the founders of AI cybersecurity startup Anvilogic, in July 2022, we saw canary-in-the-coal-mine market inklings that legacy on-prem SIEM solutions were too rigid and expensive to maintain as security teams were embracing cloud-based products and alert data volumes grew.

For data breaches and cybersecurity threats, Security Operations Center (SOC) processes haven’t changed much in a decade. By leveraging cloud data lakes (e.g., Snowflake) instead, it was easier for organizations to scale storage at a predictable cost and centralize security data. With a cloud-data data lake, security tools could capture business data that provided additional context, further exacerbating the data control problem. All the while, organizations wanted it to be simpler for security teams to correlate signals across their software stack and transition to cloud-native security approaches, creating a modern, future-proof SOC.

Fast forward, modern cloud architectures—security data lakes (SDLs)—have emerged as an answer to the challenges of managing vast amounts of security data. This is not just a sustainable technological advancement theory; it’s a fundamental shift in how enterprises approach cybersecurity. By leveraging big data technologies such as Apache Hadoop and Spark, SDLs enable organizations to collect, store, and analyze massive amounts of security data from disparate sources. Gone are the days of siloed security tools and fragmented data. As IT simplifies operations, organizations can use a security lake to break down data silos, enabling seamless integration and correlation of security events across the entire IT ecosystem. By leveraging machine learning, this holistic approach empowers security teams to identify patterns, detect anomalies, and respond to incidents that would otherwise go unnoticed, with unprecedented speed and precision.

Zooming in, the integration of generative AI into security operations has further taken center data stage over the past year, with Microsoft and Google launching applications leveraging large language models (LLMs) for threat detection and response. Amazon has asserted its commitment to Amazon Security Lake, a platform designed to consolidate security data from various sources including third-party providers, underscoring the growing importance of unified security solutions. Unlike traditional SIEMs, which are often limited in handling large volumes of data and performing advanced analytics, SDLs offer a more flexible and scalable approach. Cisco’s acquisition of Splunk for $27 billion in 2023 underscored the timely product shift for industries to move away from legacy monolithic stacks while slashing costs and introducing highlyscalable architectures. The acquisition also signaled the challenges faced by incumbent players in the SIEM and SOC space. As SDLs gain traction, traditional SIEM vendors are under pressure to adapt their offerings or risk being left behind. Some, like Splunk, have joined forces with larger tech giants, while others are exploring ways to integrate data lake capabilities into their existing platforms. This all speaks to the future of enterprise cybersecurity being data-driven, and platforms like Anvilogic are paving the way. Anvilogic combines the ability to operate on security data lakes as well as legacy log repositories, e.g., Splunk, powered by the AI-first nature of the platform and built-in content armory, to shatter the legacy monolithic — and therefore expensive and constrained — SIEM paradigm with their new multi-data platform SIEM architecture. Founded by Karthik Kannan and Deb Banerjee, experienced security operators with a deep understanding of enterprise data workflows from their tenures at Splunk and Symantec, Anvilogic was built from the ground up for the cloud, enabling seamless integration with existing SDLs and rapid deployment across hybrid and multi-cloud workloads.

Anvilogic stands out in the crowded cybersecurity market by offering a multi-data platform SIEM powered by AI that enables enterprise security operations teams to embrace security data lakes and tackles the critical challenges of threat detection, investigation, and incident response (TDIR) across complex hybrid and multi-cloud environments.

The company’s unique product differentiation lies in its ability to optimize and unify the entire TDIR lifecycle, empowering security teams to respond to threats more efficiently and effectively. The platform simplifies security operations by unifying security functions, such as automated threat detection (ATD), incident response (IR), and threat hunting, into a single, automated engine. The founding team early on envisioned the potential of decoupling the security analytics from the data logging, and today, Anvilogic’s architecture allows some of the largest global enterprises, such as PayPal, SAP, and eBay, to leverage the scalability, flexibility, and cost-effectiveness of the cloud while maintaining robust security operations.

  • Leveraging machine learning and behavioral analytics, the platform unifies detection, hunting, and triage processes, streamlining security operations and reducing the time and effort to identify and respond to threats. Companies can expect 80-90% in cost savings while eliminating the hassle of maintaining detections to get 8000+ hours back per year. By consolidating these critical functions into a single platform, Anvilogic eliminates the need for multiple tools, enhancing efficiency and reducing complexity ⸺ allowing security teams to select the best tools for each task rather than being locked into a single vendor’s ecosystem.
  • By leveraging use-case-specific interfaces and detection engineering functions, organizations can tailor security operations to their specific needs and requirements, all without writing a single line of code or manually wrangling data. Leveraging predefined playbooks and machine learning, the platform accelerates response times, reduces human error, and ensures consistent and effective incident handling.
  • Its unified search and detection offer a balance between making the most of tools in use and flexibility in cross-domain correlation. By enabling security teams to search multiple data sources and platforms, Anvilogic helps identify threats more quickly and accurately.
  • Lastly, it integrates seamlessly with existing security tools and data sources, including SIEM, EDR, and cloud-native services. This enables organizations to maximize the value of their existing investments while enhancing overall security posture.

And there is even more, with Anvilogic today unveiling the second generation of its copilot, Monte Copilot, which is now available for beta. With its threat hunting and alert investigation capabilities, Monte Copilot helps analysts be even more efficient. Anvilogic utilizes a unique approach to addressing these use cases by tapping into model training and inferencing offered by modern data lakes like Snowflake, and pairing it with its content-rich detection armory and domain-specific data models.

As the adoption of security data lakes and AI-driven platforms continues to accelerate, the future of the SecOps stack looks increasingly decentralized, collaborative and flexible. Rather than relying on a single, monolithic SIEM platform, organizations will likely adopt a modular approach, leveraging best-of-breed tools and platforms like Anvilogic for specific use cases. Today, Anvilogic’s customers are already better positioned to defend against the evolving threat landscape and maintain the trust and confidence of their customers and stakeholders.

This is why we are thrilled to continue our partnership with Anvilogic and participate in their Series C led by Evolution Equity Partners, along with Foundation Capital, Cervin Ventures, Point72 Ventures, Outpost Ventures, Stepstone Group, and G Squared.

Perspectives

Explore our latest investments, news, and insights.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Announcements
Oct 24, 2024

Partnering with Cascade AI: Trusted AI for HR and Benefits

Partnering with Cascade AI: Trusted AI for HR and Benefits
Research
Oct 3, 2024

Unlocking Business Efficiency: The Role of AI in Legal Tech

Unlocking Business Efficiency: The Role of AI in Legal Tech
Insights
Sep 19, 2024

Utilizing Venture Capital to Unlock Corporate Longevity & Maintain Relevance in a Rapidly Evolving Landscape

Utilizing Venture Capital to Unlock Corporate Longevity & Maintain Relevance in a Rapidly Evolving Landscape
No results found

Please try different keywords.