Shapefin

CrowdStrike Acquires Onum to Enhance Falcon Next-Gen SIEM with Real-Time Telemetry Management

CrowdStrike (NASDAQ: CRWD) has announced its intent to acquire Onum, a pioneer in real-time telemetry pipeline management, aiming to evolve its Falcon Next-Gen SIEM into a definitive data foundation for agentic security and IT operations. This acquisition is designed to eliminate onboarding friction and deliver autonomous detection capabilities.

George Kurtz, CEO and founder of CrowdStrike, stated that their Next-Gen SIEM powers the modern Security Operations Center (SOC) and that data is its fuel. He described Onum as both a pipeline and a filter, which will stream high-quality, filtered data directly into the Falcon platform. This is intended to drive autonomous cybersecurity at scale, stopping breaches at the speed of AI while providing customers with control over their data ecosystem beyond just cybersecurity.

CrowdStrike’s Next-Gen SIEM is positioned as a core component in adopting the Falcon platform as the operating system of cybersecurity. The company highlights that customers are leveraging Falcon’s native, hyper-scalable data foundation to address complex security and IT observability issues. Falcon Next-Gen SIEM is also associated with AI SOC transformation, offering capabilities, cost efficiencies, and agentic speed that the company states legacy platforms cannot match.

Onum, built on a proprietary stateless, in-memory architecture, is intended to complement Falcon Next-Gen SIEM by offering speed, scale, and efficiency in onboarding. It provides customers with control over their security and observability data. Onum also extends Falcon’s AI-powered detections directly to third-party data sources through in-pipeline analysis, initiating detection before data fully enters the Falcon platform.

The acquisition is expected to deliver several advantages across key dimensions. In terms of speed, Onum is reported to deliver up to five times more events per second than its nearest competitor and to process security and observability data in real time, in contrast to legacy batch-and-store methods. For cost, smart filtering is projected to reduce data storage costs by up to 50 percent through intelligent optimization. Regarding outcomes, real-time pipeline detection, initiated before data enters the Falcon platform, is expected to result in up to 70 percent faster incident response with 40 percent less ingestion overhead.

Previously, migrating data into Next-Gen SIEM was a significant challenge for SOC transformation, often requiring third-party tools. The Onum acquisition is intended to eliminate this data migration bottleneck, reducing friction and cost by providing native data streaming and in-pipeline detection within the Falcon platform.

Pedro Castillo, founder and CEO of Onum, noted that Onum was founded on the belief that pipelines should do more than transport data; they should transform data into real-time intelligence. He added that joining CrowdStrike enables this vision to be delivered at an unprecedented scale, accelerating SOC transformation globally. Castillo expressed pride in his team’s work in defining real-time telemetry pipeline management and anticipation of bringing that innovation to the Falcon platform.

CrowdStrike is a global cybersecurity leader known for its cloud-native platform designed to protect critical areas of enterprise risk, including endpoints, cloud workloads, identity, and data. Powered by the CrowdStrike Security Cloud and AI, the CrowdStrike Falcon platform uses real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry to provide hyper-accurate detections, automated protection and remediation, threat hunting, and prioritized observability of vulnerabilities. The platform, built in the cloud with a single lightweight-agent architecture, aims for rapid and scalable deployment, superior protection and performance, reduced complexity, and immediate time-to-value.
