Data science startup Insight Engines adds log data analysis and hybrid cloud capability to ask better questions of data

Grant Wernick, the CEO and co-founder of Insight Engines, says that their product revolutionizes log store search and helps companies address the scarcity and cost of data scientists by letting English majors do the same job.

Grant Wernick, Insight Engines’ CEO

Today, San Francisco-based startup Insight Engines is announcing the 3.0 version of their product, which they are terming the biggest update in their history. Insight Engines is not a search company, but they do improve on and displace log source search tools. The 3.0 release enhances their capabilities by enhancing their original product, Insight Investigator, with improved intelligence and a new hybrid capability. It also adds a second offering, Insight Analyzer, which helps people understand what they have in their data logs and how they can be organized more effectively.

While Insight Engine is used by big banks to help them investigate cybercrime, and by governments to protect nuclear facilities, the company didn’t come out of the security space – at all.

“We come from a hardcore search and natural language background, and from the consumer side,” said Grant Wernick, Insight Engines’ CEO. Between 2011 and 2015 I and my co-founder ran another company, where we translated human language to database queries that are nothing like human language. We were able to produce products with much higher fidelity than Siri or Google Maps, so that people could ask better questions. If you wanted to book a dinner at a type of restaurant in Toronto for six people, that had a table open at 7:00, you would be able to get an intelligent response to such a question and book your reservation.”

In 2016, they founded Insight Engines, to apply the same concepts in the enterprise, using natural language processing and  machine learning to ask high-value questions, and give recommendations based on industry intelligence and activities.

“Gartner has a Magic Quadrant called Insight Engines, which is what used to be Enterprise Search before they rebranded it, but that’s not what we do,” Wernick said. “We help companies understand the data in their logs and how to better ask questions to get information from it, using machine learning and AI. It’s not just search. We trust humans to make intelligent decisions, but we do all the grunt work for humans to work smarter. We don’t displace log stores, which need to be there for compliance. But we do displace traditional log store search, and enable people to ask questions rather than queries.”

Insight Engines is the next generation of log stores

“Splunk is a good log store, and the best thing to scale to store your logs in, and anything we touch makes Splunk more money,” Wernick said. But log store search is esoteric and hasn’t changed in 10 years. In today’s fast-paced world we need people to iterate questions on the data, and we are the evolution beyond the log store. SPL is a secret squirrel language, which is powerful for the right people, but not something most people should spend time on. The last three years for us have been a fabulous uptrend of empowering security and IP analysts to ask their questions. It has changed way people work together. It also helps deals with the talent gap in data analysis, because you can hire English majors to do this, asking creative questions about dark areas of the data. We empowered security guards to do this, and they moved from a low wage job to an IT worker income.”

Identity Engines does have a channel as part of their go-to-market, with about 30 total partners.

“They tend to be boutique, focused players in areas like infrastructure tools, and a majority are in the federal government space,” Wernick indicated. “GSIs don’t partner with companies our size.” Arrow handles their commercial distribution, and Carahsoft their government distribution.

With Insight Engines 3.0, the company is ramping up in three major ways.

“First, we now have a product with Insight Investigator that’s partially in the cloud and partially on-prem,” Wernick said. “Investigator was purely an on-prem product before. On-prem is the default for a natural language product like this because some customers want air-gapped, and that has to be on-prem.”

Now Investigator continues to keep data on-prem, but the natural language processing engine and data-health monitoring technology live in the cloud.

“This lets us get intelligence from the cloud, while keeping the customer data local,” Wernick said.

Second, Identity Engines has added a second solution, Insight Analyzer.

“Insight Analyzer looks at the customer’s log store and the data sources that go into it, and helps customers understand what they have – and don’t have – in their logs. They may find out that some alerts aren’t being logged at all. And the data becomes more open, so they can understand what they have, and how to best organize it. This stops their log store from becoming a disorganized landfill. It also gives the customer a better sense of what they can ask, and the data they can onboard.”

Finally, the insight engine has had a lot more intelligence added to it.

“It’s a huge update,” Wernick said. “It’s our biggest update yet.”