Scanner, a cybersecurity data platform built to enable fast search and analysis across massive volumes of security logs, announced it has raised $22 million in a series A funding round led by Sequoia Capital with participation from CRV and Mantis VC. The funding will support the company’s efforts to expand its platform and bring its technology to more security teams as AI agents become increasingly central to cybersecurity operations.
Security teams often face a tradeoff between cost and accessibility when managing log data. Traditional security information and event management systems offer fast search but are expensive and typically retain data for only about 30 days. At the same time, storing logs in object storage is far more cost-effective but makes searching across that data slow and difficult, sometimes requiring hours or even days to retrieve results. As a result, large portions of security logs, such as WAF and endpoint detection data, are frequently stored in systems that make them effectively inaccessible for rapid investigation.
Scanner was built to address this challenge by enabling fast search across long-term log storage without the high ingestion costs associated with traditional SIEM platforms. The company developed a new type of indexing system specifically designed for object storage. When queries are run, the system scales up compute resources to rapidly find results and then scales back down once the task is complete, allowing organizations to pay only for the compute used during the search.
This architecture enables security teams to analyze months or even years of historical data in seconds. Rather than limiting threat investigations to recent activity, organizations can look far deeper into historical logs when new threat intelligence emerges, increasing the likelihood of detecting intrusions before attackers cause significant damage.
Scanner’s platform is already used by organizations including Notion, Ramp, BeyondTrust, Lemonade, Benchling, Postman, and EliseAI. These customers rely on the system to perform threat hunting across multiple log sources and long retention periods that were previously difficult or impossible to search efficiently.
The company has also seen a rapid increase in the use of AI agents designed to assist security teams. Over the past several weeks, automated agents have become some of the most active users of the platform, continuously querying log data to identify suspicious patterns, triage alerts, and investigate incidents.
These AI-driven workflows allow agents to correlate signals across vast datasets and compile context for human analysts, dramatically improving investigation efficiency. For example, Notion has deployed a security AI agent called Scruff that integrates Scanner alongside tools such as Wiz and CrowdStrike to gather context from logs, user activity, and system events before presenting analysis to human responders.
According to Scanner, this type of agent-driven threat hunting depends on a scalable data platform capable of searching massive datasets quickly, something the company believes traditional security tools struggle to deliver.
The investment also brings support from a number of prominent security and infrastructure leaders. Among the angel investors backing the company are CISOs from Fortune 500 organizations and fast-growing technology companies, along with Christina Cacioppo, founder and CEO of Vanta; Tom Killalea, chairman of MongoDB and Amazon’s first CISO; and Venkat Venkataramani, founder of Rockset and current head of infrastructure at OpenAI.
Scanner says its long-term goal is to build the foundational data layer for a new era of security operations in which human analysts and AI agents collaborate over complete datasets rather than the limited slices of data typically stored in traditional systems.
KEY QUOTES:
“Scanner gave us months of searchable history instead of two weeks. When new threats emerge, we build detections and search years of logs for IOCs very rapidly. Both are game-changers for security at scale.”
Brandon Ledyard, Detection Engineer, Ramp
“Security teams generate massive amounts of data but can only afford to search a fraction of it. Scanner has built a fundamentally new approach to this problem, which enables companies to move into the agentic era of cybersecurity. AI is notoriously data hungry, and Scanner is the only technology on the market today that manages security data at AI scale.”
Bogomil Balkansky, Partner, Sequoia Capital
