LogDNA Raises $50M to Bring Observability Data to Security

Written by Kyle Alspach. Originally published on venturebeat.com on December 6, 2021.

Observability data software developer LogDNA, which today announced a $50 million series D funding round, said it’s developing a new platform that will enable a more data-driven approach in key enterprise areas such as security management. The company plans to debut the new platform in the second quarter of 2022, and the launch will represent a major expansion of the vendor’s efforts in cybersecurity — beyond its roots in aiding developer use of log data, CEO Tucker Callaway told VentureBeat.

Observability data includes telemetry from systems — logs, metrics, and traces — and can be used to determine whether a system is healthy or not. If the system is having problems, observability data can help to pinpoint a solution. The concept of observability has emerged in recent years as a more advanced successor to monitoring, with capabilities to answer different questions rather than the same questions continually.

Arming developers

Founded in 2016, LogDNA has tackled the observability data opportunity on behalf of developers, after discovering that developers were typically spending half of their time digging through applications to get crucial log information, Callaway said. The San Jose, California-based company created a tool to streamline developer workflows, focusing solely on that one use of observability data, he said.

Now, after growing to 3,000 customers and seeing its solution used via major partners such as IBM Cloud, LogDNA has spotted what it sees as its next big opportunity: developing a new observability data platform that could open up additional enterprise use cases, such as security management.

The company describes the forthcoming product as an observability data “pipeline” because it will route ingested and processed data from a central point out to whatever tool a user is working with. The ultimate promise of the platform is to enable developers and engineers, including security engineers, “to harness the full power of machine data within their workflows,” LogDNA said in a news release.

Alert overload

The opportunity to move into cybersecurity comes as enterprises struggle to make sense of the huge amount of data, and countless alerts, generated by their growing cadre of security tools.

A recent survey from cyber vendor Trend Micro found that enterprises typically have an average of 29 different security tools, while the largest organizations have an average of 46. This has led to an inability to effectively prioritize security alerts, with many tools going unused or underused, according to the survey.

“Enterprises have dozens of security tools, but few choices in how to leverage observability data across them, regardless of the tools they’ve chosen,” Callaway said in an email to VentureBeat.

“Meanwhile, security professionals are drowning in alerts and red lights, and have to sift through data to do everything from stopping threats to fixing poor configurations,” he said. “There is a desire to get ahead of security issues by shifting left with DevSecOps, to create sound security practices proactively in business and technology operations, as opposed to constantly chasing bad security postures.”

LogDNA’s forthcoming observability data pipeline will allow enterprise teams to ingest all of their data to a single platform, normalize it, and then route it to the appropriate tools — enabling them to take “meaningful action” on their observability data in real time, Callaway said.

Enhancing managed security

The technology can offer an advantage for security management due to the need to need for simplifying data collection, processing, and routing in that space, he said. “Security is a prime example where we’re replicating what we’ve done for developers for security engineers who need access to the right data, in the right tool, in real time,” Callaway said.

For instance, LogDNA currently processes more than 4 petabytes of log data per month for IBM Cloud across a dozen global datacenters, according to Callaway. That is now enabling IBM Cloud to stream data to services such as IBM QRadar and Splunk for “faster security management,” Callaway said.

LogDNA sees managed security service providers (MSSPs) and managed detection and response (MDR) providers as a first wave of users for the company’s observability pipeline, “in order to differentiate their security capabilities to enterprises,” he said. The company has begun bringing on MSSP design partners.

ML capabilities

The observability pipeline also has the potential to enable enhanced use of machine learning (ML) with security, Callaway said. Companies that condense large amounts of data for ML “have only taken the first step,” he said.

“Different ML tasks require different kinds of data, and companies need to shape, form, trim, redact, and process the data for every ML model in order to yield the best results,” Callaway said. “For example, training a model focused on security errors requires data focused on security errors, not every piece of data the company has ever generated.”

Consequently, LogDNA is looking into routing to ML technologies for highly effective learning across individual models, he said. Notably, the data pipeline approach also differs from the “single pane of glass” approach taken by other players in the observability data space, Callaway said.

“Now that open systems, cloud-native architectures, and interconnected applications and data are commonplace, a single pane of glass is far too limiting,” he said. “It’s time to shift the focus to the people who use the data.”

The data consumer must be able to capture the real-time value of data that’s in motion, not just data at rest in storage, Callaway said. And “they must be able to ingest and process data to a central point — the pipeline — and then route it to the tools where people are actually working, rather than force them to break their workflow to use a different tool. This is the problem that LogDNA aims to solve,” he said.

Security VC interest

Another indicator of LogDNA’s move into security — and the potential relevance of its solution for the security market — is that the new round of funding was led by security-focused venture firm NightDragon. The firm’s cofounder and managing director is Dave DeWalt, formerly the CEO of prominent cybersecurity vendors FireEye and McAfee.

DeWalt had joined the board at LogDNA in April, where he serves as vice chair, though this round represents the first investment by NightDragon into the company. In a blog post in April, DeWalt called LogDNA “one of the leading companies solving the DevSecOps challenge for developers and application security teams today.”

In the news release announcing the funding today, DeWalt said that LogDNA’s technology enables customers to make “smarter, more cost-effective decisions” — and ultimately “reduce the mean time to detection and remediation for cyberattacks.”

Two existing investors, Initialized Capital and Emergence, took part in the series D funding round. LogDNA did not disclose any valuation details associated with the round. The company has now raised a total of $110 million in funding.

Rapid growth

LogDNA did not disclose revenue details for 2021, but had previously reported revenue growth of 155% in 2020. The company was also recently ranked No. 112 on Deloitte’s 2021 Technology Fast 500 of the fastest-growing public and private tech firms. The ranking recognized the company for generating revenue growth of 1,293% between 2017 and 2020.

On the partnership side, the IBM Log Analysis and IBM Cloud Activity Tracker services are driven by LogDNA technology.

In addition to serving as a partner, IBM Cloud is also a LogDNA customer. LogDNA’s technology provides centralized logging for the entire IBM Cloud system, as well as for individual teams such as IBM Watson and The Weather Company. Other LogDNA customers include Asics, Lime, Better.com, and Sysdig.

The company employs 124. It was founded by Chris Nguyen, who served as CEO from 2016 to 2020, and chief technology officer Lee Liu. The founders had previously founded two companies together, JobLoft (acquired by OnTargetjobs) and TeamSave.

The idea for the company came while Nguyen and Liu were taking part in Y Combinator’s winter 2015 cohort, working on an ecommerce marketing platform. “We built a powerful logging system many of our friends wanted” and “decided to pivot,” Liu wrote on Hacker News in 2016.

Callaway, who previously held executive roles including at Chef and Sauce Labs, took the helm as CEO of LogDNA in mid-2020, after a stint serving as president of the company.

Key differentiators

Competitors include publicly held companies Datadog and Sumo Logic — as well as venture-backed companies such as Cribl, which raised a $200 million series C round in August, and Coralogix, which raised a $55 million series C in July.

According to Callaway, major differentiators include that LogDNA is “built for builders” such as application developers, site reliability engineers, and platform engineers. Looking ahead, adding the observability data pipeline to the company’s portfolio will offer further differentiation, he told VentureBeat.

“Most of our competitors either provide a single pane of glass solution or a data pipeline,” Callaway said. “Unlike them, LogDNA brings together best-in-class log analysis and an observability data pipeline — so that enterprises can get machine data from any source, at any scale, to any destination, for any use case.”

This ultimately empowers “any data consumer” within an organization, he said.

All in all, “there is clear enterprise-driven demand to make observability data work better for all data consumers,” Callaway said. “This investment allows us to accelerate bringing our full solution to market.”