Techstrong TV: Expanding Beyond Cybersecurity
Rahul discusses the launch of SentinelOne DataSet, SentinelOne’s data analytics solution. Building upon the acquisition of Scalyr, DataSet expands beyond cybersecurity use cases delivering a limitless enterprise data platform for live data queries, analytics, insights, and retention.
Alan Shimel: Hey, everyone. Welcome to another Techstrong TV interview. I’m really happy to have with us on this interview today, Rahul Ravulur, who is with Sentinel One, and he has some exciting news coming out of Sentinel One to share with us. Hey, Rahul. Welcome to Tech Strong TV.
Rahul Ravulur: Hi, Alan. Thank you. Thanks for having me here.
Shimel: It’s a pleasure to have you on. So Rahul, I mentioned Sentinel One. Sentinel One is not a strange word to the folks in our audience. I’m sure they’re all familiar, but just in case someone’s heard of them, they’re not sure, or maybe they haven’t, why don’t we start off with kind of Sentinel one. What do you guys do?
Ravulur: We are, I would say, the leading or one of the leading cybersecurity providers. We essentially provide an XDR platform that allows you to analyze data and be able to take response and protect endpoints as well as other devices as quickly as possible. Our kind of, I would say, really claim to fame is that we do this truly with AI. That’s really our special sauce is that – I would say other conventional providers that do this with human response, our technology is really kind of geared to see the threats as they’re growing. We are able to do this with machine learning and AI.
Shimel: What about your background and how you came to Sentinel One?
Ravulur: My role at Sentinel One is I’m the general manager of data set, which is a new offering that we just launched a couple of weeks ago. My background before this is at _____, where I was leading the product portfolio for the IT products and ____ _____ products as well. Of course, I’ve been around the block before. I’ve been an entrepreneur for a couple ____ ____ startup. I was _____ for a long time _____ some other ____ offerings as well.
Shimel: Absolutely. Of course, we’re good friends with the folks at Splunk. We always have them on. They continue the good things. It’s interesting, then. This data set offering kind of represents an expansion of the Sentinel One offering, almost beyond sort of – it’s still cybersecurity but beyond that core cybersecurity that we kind of have come to expect from Sentinel One. Let’s assume people in our audience don’t know what we mean by dataset. Why don’t we start there, Rahul?
Ravulur: Maybe a little bit of context. I spoke about Sentinel One’s – what we were looking to – our cybersecurity offerings are really based on a data platform. Sentinel One was using, I would say, several other technologies in the past to essentially process the data, store the data, and get insight to take action. But as our business is growing and as kind of essentially the volume of data and scale of performance needs are growing, Sentinel One went out and started looking at what technologies were out there in the market to see, how can I essentially cater for future growth as well? They evaluated several technologies and really liked one from a company called Scaler. Scaler was founded by this gentleman named Steve Newman who was at Google. He was operationalizing what became Google Docs. He really felt like there needed to be a better ______ way of doing things that took advantage of cloud scale elasticity and costs and so on. Sentinel One really liked that technology and liked it so much that they bought the company about a year ago. Dataset is kind of what we’ve taken as that same scale of foundational technology, and we’ve added more things to it in terms of scale and performance improvements and being able to really get real time insights to data. So as data flows in, we are able to analyze the data within milliseconds and do that at scale, when you have petabytes of data as well, and we can take that action very quickly. What we’re doing now is we are – we have about 350 customers using this outside of security use cases. We have customers that are using it [inaudible] and many cloud native companies like Asana is using this, Solando in Europe, Make My Trip in India. We want to essentially make sure that we can take all this richness and goodness that we have in the platform and expose this out to many, many other customers who need this as well, who need the same scale cost efficiencies and performance as well. That’s the reason we’ve launched Dataset. Of course, there’s a lot more in the hopper and I can talk more about the tech if you’re interested.
Shimel: Of course we’re interested. That’s our audience. Let’s talk about the tech.
Ravulur: The things that make Dataset really unique, I would say is – and I say this coming from – based on experience I have in the market here – is that first of all, we take a very cloud native approach to things. If you see where this industry has been going, when it started off ten years ago, cloud was like an edge case. It was not mainstream as it is today as the volumes of data that you’re dealing with have gone up several factors of magnitude.
Third is that we can adjust the response that we need in terms of analyzing data. Earlier, it was fine if I got data from last week and I was able to take action now. Whereas now, I need real time insights with the data as well. The needs have really grown.
The Dataset technology really kind of took all these things in mind. The idea is to be able to handle different datatypes such as _____ diagnostics. We don’t have an index. We don’t have any clusters to manage. We don’t have any – you can actually bring in – very flexibility – any kind of data types into here. That’s number one is to bring in different types of datatypes into the same platform and be able to process that.
Second is we essentially have – all the data is always stored hot on [inaudible]. There is no notion of cold buckets and warm buckets and hot buckets that you need to move data around. So what typically happens in the traditional case is you can store data hot for 7 days or 30 days because it’s very expensive to do that. The rest of the data is tiered off into cold storage. So if you need to know, for example, _____ data from a year ago, you need to move the data from cold buckets to the hot buckets.
Whereas the Dataset technology is such that all the data is always query-able instantly as soon as it’s actually ingested and parsed as well, so you can query data as long as a year ago. You can see the needs for compliance – if I need to run a compliance report from a year ago or if I need to do threat hunting, if I need to do data science, be able to do machine learning, it’s very, very useful to be able to use all of the data right away. That’s been the second advantage.
The third advantage is that from a query standpoint, we essentially have a very Google-like, I would say, massive query entry, which allows you to essentially – when you issue a query, that query is essentially run against the entire query cluster. It’s chopped up into multiple subcategories [inaudible] across the entire query cluster, so you get your results back instantly.
For example, our P96 for queries is less than a second. It’s really fast queries that you can interact [inaudible]. It’s really important. Let’s say you have a service that has gone down, and you need to figure out why and you need to restore service. Speed matters. Expedience matters at that time. Similarly, if you’re doing a threat hunt and you’re trying to figure out what other kind of instances have been impacted, I need to get those results very quickly. I would say the traditional solutions in the market sometimes take minutes.
Shimel: Minutes, seconds, people, they desensitize. But really when you’re talking about this kind of stuff, minutes to seconds can be life and death in a lot of instances for these kinds of things. Excellent. Let’s talk about the offering business-wise now. Dataset, you launched it a few weeks ago. It’s publicly available. Where can people go get that?
Ravulur: Go to Dataset.com. As I mentioned, we’re a _____ service. You can actually go and sign up for it. You can actually even use it. You can swipe a credit card and use it. We have several customers that do it. A consumer _____. We have a trial and a demo that’s available as well. And obviously, we have – for our larger customers that require customization or need to understand how this fits into their environment, we have a large – essentially our entire sales force that’s available and our partners too that are available to go and have a conversation with you and consult as to how this fits in your environment.
Shimel: Excellent. How is it priced though?
Ravulur: Today, we price it by – essentially it’s by ingest, the data that’s coming in times the retention. We have flexible retention tiers that can go up to ____ or pass ____ as well.
Shimel: Excellent. You were at Splunk, so you know this better than most. The problem a lot of companies is have is that just because they can doesn’t mean they should. They want to ingest everything because Dataset has that kind of scalability, right? At some point, they’ve got to find that sweet spot – price performance versus what you got. That’s going to vary company to company, organization to organization, but where do you think that is for most companies, Rahul?
Ravulur: That’s a great point because data inherently is not useful. It’s the insight you get from data that makes it useful. I think what you said is right [inaudible] every company we really start talking about what are the answers you’re trying to get to from the data that you have, and what are the use cases that kind of emerge from there?
One thing we frequently see with customers is because traditional solutions are very expensive, they were having to discard data because it is just too expensive to store because they were getting huge bills. Just from a pure economical standpoint, having a lower dollars per ____ is actually something that they were looking for. Second is that the fact that we’re a true cloud service, it actually eliminates a lot of the operational overhead that you’re typically dealing with.
I don’t now need to deal with clusters and index management and figure out availability and have a large team to go manage that. So it frees up a lot of, I would say, engineering capacity that was originally used for managing a data infrastructure. That can be actually devoted to really getting answers to the data itself.
We are seeing, I would say, the use cases emerge, to your point, right around – for example, ____ are extremely expensive ____. It’s very ____ to actually store data for long term, potentially when I do things like compliance or threat hunting. They’re actually using Dataset as a way to augment that ____. Essentially, we set side by side with ____ or telemetry data or long-term retention essentially goes into Dataset. That’s one of the use cases that’s starting to come up.
Second is we are starting to see, I would say, in traditional – the ______ business and the Dataset business is a lot of the cloud native customers that have Kubernetes logs, that have CI logs, that have your deployment logs – your cloud logs as well. If I actually see a service is seeing deterioration in performance, I need to find out, by looking through the entire full stack, where the problem occurs and also seeing what actually caused that problem so that I can actually quickly, if needed, roll back the problem or make the configuration change [inaudible].
Shimel: Absolutely. I’m glad you brought that – they’re a victim of their own success, if you will. I like what you also said, Rahul, that data in and of itself is not the value. It’s the insights and actionability that you grab from it. It’s good stuff. Where do you see this – look, it’s got its own domain, Dataset.com. How do you see expansion here? What’s next for it, you think?
Ravulur: One thing is, Sentinel One, we are a cybersecurity company, and we clearly have a lot of, I would say, investment to actually make that broader and deeper and bring more insight to our customers. That remains our focus.
That said, we do believe that a lot of the problems that we are solving for the cybersecurity domain from a data standpoint apply very well and broadly to a lot of customers, which is why we want to go to customers that we typically don’t talk to. As I mentioned, some of the accounts that I was talking to as well, we’re getting a lot of interest. We’re actually seeing the same types of needs as well. We have a lot of things in the, I would say, in the hopper that we will actually bring out which, I would say is around the ease of use of consumption for these other use cases.
When you are actually talking to an engineering team or you’re talking to an IT team, what is the type of consumption they would need on top of this data and, to your point, around insights? How do I actually surface those insights easily for them so that I can actually get those types of data sources ingested easily but also surface the insights in a very _____ curated form for those audiences as well?
Shimel: Rahul, we’re coming up on time here. First of all, I want to congratulate you on the launch of Dataset. It seems like this is your baby there, right? You’re the GM on it. So we’ll be watching and watching it grow and hopefully prosper and really be valuable to the audience. Keep us posted. Come back and tell us more.
Ravulur: Absolutely. Thank you so much for having me here. We are really excited, and we will eventually work with a lot more folks out there and really have a consultative discussion around what the use cases are so we can go solve that, so thanks for having me here.
Shimel: It’s my pleasure. Dataset.com. Check it out. We’re going to take a break here on Tech Strong TV. We’ll be right back.
[End of Audio]
