How Onum is turning data overload into real-time defense

*Editor’s note: CrowdStrike has acquired Onum as of August 2025.

Today’s SecOps teams are inundated with data. Despite major advances in detection tools, the increasing volume and complexity of security data make it harder than ever for teams to extract actionable intelligence before threats take hold.

In fact, approximately 90% of the world’s data has been generated within the past two years, with total global data storage exceeding 200 zettabytes in 2025 — a single zettabyte being equivalent to storing 250 billion DVDs.

It’s no surprise that enterprises have little visibility or control over their own security data — and with every terabyte comes higher costs, more noise, and a greater chance of missing something critical.

That’s a security issue, says Pedro Castillo, cofounder and CEO of data pipeline management solution, Onum.​ “Ask [any] user of … an analytics platform, ‘Hey, what data did you send yesterday?’ Do you know what’s the most common answer? ‘I don’t know’ or ‘Let me take a look’…. You should know without asking the analytics platform.”

The high cost of data delays

In 2003, Castillo was working as the cybersecurity director of a Spanish bank when it was hit by a major phishing attack. Minutes turned into hours as the bank’s threat detection tools sifted through masses of data, leaving thousands of accounts vulnerable to the attackers while they processed alerts.

The more experience he gained, the more Castillo saw security teams face the same delays, compounded by endless amounts of data. And when sensitive information is at risk, time is of the essence.

Adding insult to injury, much of businesses’ security data holds no value, yet processing it slows down detection while driving up costs. IBM puts the global average cost of a data breach at $4.4M, while the IDC estimates that data storage costs are increasing by around 25% annually.

“Generally speaking,” says Castillo, “half of the data that a customer sends to an analytics platform has … zero value. No one wants to waste that amount of money.”

“Some years ago, it looked like the money for analytics [was] infinite. Those days have gone.”

In 2011, Castillo founded Devo, a cloud analytics and security platform that stores, analyzes, and secures customers’ data. Castillo led the company to unicorn status after it raised a $250M Series E round in 2021.

But as the threat landscape developed and cyber attacks became more sophisticated, Castillo recognized that legacy tools were no longer up to the task. He set out in 2022 to address the data volume, cost, and efficiency issues that Devo (and similar platforms) revealed as customers scaled.

“Onum is kind of a consequence of my time at Devo,” he says. “12 years in the analytics space, you really understand the process of the customer sending data to an analytics platform. How difficult it is for them to understand what data makes sense to send, what data doesn’t make sense, how to do even the [simplest] filtering or aggregation.”

“So after my time at Devo, I decided to come back to my origins to start a company from scratch.”

From legacy to real-time

Castillo teamed up with Pedro Tortosa, a former Devo colleague who now heads up strategic alliances and partners at Onum, and Lucas Varela, a former cybersecurity leader at CaixaBank who now serves as Onum’s CTO.

The business partners shared firsthand experience managing masses of complex enterprise data — including 50TB of daily logs — and envisioned a better way. They cofounded Onum (formerly Signalit) in Madrid in 2022, with a single goal: to simplify how businesses handle data and unlock true real-time intelligence.

Onum was born, not to replace Devo, but to provide the next layer in the data pipeline, making tools like Devo even more efficient. It was the first SaaS startup to give companies control over and real-time visibility of their data while reducing the amount of data they send to their analytics, SIM, and SIEM platforms, so they only pay for what they need.

The startup officially launched in late 2023, after raising a €11.6M seed round led by Insight Partners, to fund the completion of its product and expansion throughout Europe and into the United States.

Insight’s support as operator-investors gave Onum critical early validation, says Castillo. “We are very happy with Insight as an investor. The important thing that we sometimes forget is that behind the company, there are people. And I’m very happy with the people [at] Insight.”

“[Insight] decided to back Onum from the very first moment, so for me it’s an honor… I’m proud to have them backing us.”

Less than a year later, Onum raised a $28M Series A round and pumped funding into hiring, product development, and commercial expansion.

Cleaning the data pipeline

Today, Onum’s platform allows organizations to control and filter their vast datasets, identifying valuable information at the source to reduce costs and enable immediate, data-backed decisions.

The idea is simple: stop shipping useless data, and align the cost of analytics with the value of the data.

“We are a real-time observability platform … agnostic of the data sources [and] the destination,” Castillo explains. “[We work on] the data in transit … build alerts, do reductions, ETL, routing, orchestration and enrichment … converting 15 minutes to a millisecond.”

Castillo breaks data down into four categories:

1. Data you know has value: Send or store it, he says.
2. Data with no value: Discard it, or park it cheaply with Onum.
3. Raw data that you want to activate in real time: With Onum, you can trigger alerts and KPIs without storing raw logs.
4. Finally, there’s data you might want in the future: Onum stores it cheaply and restores it on demand if needed.

“We are covering the full spectrum of use cases,” he explains. While Onum is data-agnostic, cybersecurity has become its sharpest use case — around 80–85% of current customers are security teams.

“Customers used to accept that you cannot evaluate all the alerts and detections,” says Castillo. “We are helping the customer … [extend] their perimeters and convert alerts into incidents.”

Onum’s customers range in size, says Castillo, but “we shine more when you have more data.” For example, customers who send Onum 100TB per day — “a huge number, an amazing number” — are saving 60% on analytics costs, he says.

But it’s not just about reducing costs; even smaller companies dealing with half or one terabyte of data benefit from the move to real-time analytics.

Onum processes up to 5x more events per second than competitors and delivers enriched telemetry in real time, versus legacy batch methods, resulting in up to 70% faster incident response with 40% less ingestion overhead.

A tipping point for cybersecurity

“Cybersecurity has changed a lot in the last year, and especially everything related to data,” says Castillo. “It’s a huge opportunity to be here with a new value proposition, understand the market trends, understand how the people are using AI.”

While Onum is already leveraging AI across multiple functions on its platform, Castillo believes that the cybersecurity industry is overhyping AI while underinvesting in data hygiene:

“I think we are discussing AI [too much] and losing the context. … AI is changing our lives, but perhaps not [yet]. We want to show the market that data is the only place where all tools, all attacks, and everything are together. We are helping customers understand how to extract value from their data.”

We are now at a tipping point, he says. “We have a huge constraint with the budgets, but at the same time, the cyber space is more complex than ever … But if you don’t analyze this data, you are at risk.” The only way to keep up is to act on data at the edge, in real time.

That is Onum’s founding belief. By making the data pipeline intelligent, responsive, and efficient, the company helps security teams move faster, act with confidence, and stop paying to process noise.

And it’s a belief that’s striking a chord with the market. In late August 2025, cybersecurity technology company CrowdStrike announced it acquired Onum, a move that underscores how critical real-time data intelligence has become to the future of cybersecurity and validates the vision Castillo has been pursuing from the start.

With Onum, the teams defending tomorrow’s enterprises won’t be buried in data — they’ll be ahead of it.

*Note: Insight Partners has invested in Onum.