Was Crowdstrike afraid of missing the boat?

Was Crowdstrike afraid of missing the boat?

There is a smaller competitor who reported this on February 5:

“SentinelOne, the autonomous cybersecurity platform company, today announced the acquisition of Scalyr, a leading cloud-native, cloud-scale data analytics platform.”


“Scalyr provides a complete log analytics and observability SaaS offering in support of modern, cloud applications”

And then 2 weeks later Crowdstrike:

“CrowdStrike adds best-in-class data ingestion to extend its leadership with a true multi-tenant, cloud-native platform that delivers superior contextual insights and powers decision-making at enterprise scale”


Humio: “Modern log management with streaming observability and affordable Unlimited Plans”

So possibly Crowdstrike’s purchase of Humio was simply a reaction to SentinelOne’s purchase of Scalyr?

What do you think?

Translated with www.DeepL.com/Translator (free version)

1 Like

Here an additional article regarding this topic:

“A couple of weeks ago SentinelOne announced it was acquiring high-speed logging platform Scalyr for $155 million. Just this morning CrowdStrike struck next, announcing it was buying unlimited logging tool Humio for $400 million”


Here in this interview CEO of Crowdstrike spoke also about competitor SentinelOne (there could be an IPO this year):


“Why is pushing beyond security a good move for CrowdStrike?”

“We’re not moving away from security, but we’re expanding our total addressable market into areas that people care about.”

“How does CrowdStrike stack up against SentinelOne in XDR following their buy of Scalyr?”

“We feel really good. They [SentinelOne] would have loved to have this asset [Humio]. They had to buy something [Scalyr] in my opinion that doesn’t have the same scale and technology. From our standpoint, we know it [Humio] is the best in the industry for what they do, and we’re excited to have it.”


I think you are onto something here.

SentinelOne has some top guys from Cylance, which was one of CrowdStrike’s top competitors, formed by a former partner and close friend of George Kurtz named Stuart McClure. Cylance, presumably against McClure’s wishes was bought by Blackberry and made quickly irrelevant, which is why Kurtz has often said the competitive landscape was better than he had seen.

Bottom line is it seems to me that Sentinel One is a legit competitor and probably going public soon. Seems like CrowdStrike caught a lucky break by having Cylance taken out and now Cylcance, as Sentinel One is being reborn as the tough competitor that Cylance could have been.

That said I know nothing about the tech. But it does seem like we have a real battle shaping up here.

I’m not worried about this as a CrowdStrike investor because tough competition brings out the best in our companies, comes with the territory of trying to become a multi hundred billion-dollar company and these are fights we have to win.

Broadway Dan


Not sure if I did it here or other boards, but I mentioned SentinelOne in the past as a Crowdstrike competitor that could IPO soon.

I had a large enterprise client looking at crowdstrike and sentinelone, and the sentinelone sales rep was pretty good, and could spin a very compelling story of why they were a better fit than Crowdstrike.

Found my old links from Feb 2020:

My guess is when covid hit, that postponed IPO talk for a while.
You would think they would have gotten back on IPO bandwagon when CRWD and other stocks started to thrive not long after the initial covid panic.

Either way, they were following a similar trajectory as CRWD, have a similar solution, and were perceived as about a year behind them at the time I last looked into it.



I think it is not so much “a missing the boat” situation here, as it is one of everyone seeing that “logging” is the point at which many of these products, whether a DataDog or a Crowdstrike is built from. Well, you can do a lot obviously from those logs, but what if the ‘logging’ itself started to change? Now you’d have a ‘Problem’ one that is more easily circumvented by taking the bull by the horns and trying to control ‘logging’, which makes your logging a gatekeeper to a set of compatible products-solutions.

This is about securing control of the interface that all of the security and observability solutions are reliant upon. Advancements that might come to the log interface could derail any/all of them. And, many people seem to have been looking at all of it and coming back to the data that is right at the beginning: the logs. Tossing the logs into a DB is a solution (Elastic, e.g.) for observability, but it also adds a lot of overhead to run a DB where you might be able to not run a DB, with some upfront thinking and processing. Humio seems to fit that bill: breaking the log apart into many logs, but then someone like Crowdstrike or DataDog has to worry that what they need is no longer in “one log”…

That is what I think is happening here.