Onum unveils four new features to help security teams act on telemetry data in real time, enabling faster detection, reduced costs, and streamlined control.
Onum, a provider of real-time data pipeline technology for security and infrastructure teams, announced new capabilities aimed at expanding how organizations shape, enrich, and act on telemetry data upstream: Bring Your Own Code (BYOCode) and real-time Sigma rules support.
The updates, introduced at the RSAC 2025 Conference, are part of Onum’s broader initiative to push actionable intelligence closer to the point of ingestion. While most modern pipeline platforms prioritize data reduction or routing, Onum’s architecture is designed to embed enrichment, detection, and transformation directly in-stream—helping organizations reduce latency, avoid costly reprocessing, and optimize downstream analytics platforms.
With BYOCode, engineering and detection teams can embed custom Python logic directly into the Onum pipeline—enabling custom enrichments, tagging, format corrections, or even behavioral detection scripts to execute in real time. This eliminates the need for brittle sidecar processes or complex post-processing stages that are often required by earlier-generation telemetry pipeline tools.
The new Sigma rules integration allows security teams to execute vendor-neutral threat detection logic, written in the widely used Sigma rule syntax, against enriched telemetry before it lands in a SIEM or SOAR. This approach improves detection speed and reduces noise by allowing detections to be filtered and routed the moment they occur, rather than after delayed analysis.
“Many tools help move telemetry. Few help you act on it before it becomes expensive or outdated,” said Pedro Castillo, CEO and co-founder of Onum. “With BYOCode and in-pipeline Sigma rules, we’re helping teams shift left—customizing and detecting threats earlier in the pipeline—where latency is lowest and context is freshest.”
Onum’s approach is notably different from earlier vendors in the log pipeline and observability orchestration space. While earlier tools focused on filtering and replay, and newer platforms offer basic stream processing, Onum delivers full real-time control with the flexibility today’s enterprise teams need.
What sets Onum apart from current telemetry pipeline solutions:
- Optimized for in-flight processing, not batch-based log shipping or post-ingest analysis
- Real-time enrichment, schema normalization, and correlation embedded directly in the pipeline
- BYOCode enables inline business logic without external scripts or sidecar services
- Sigma rules execute upstream, reducing noise and accelerating triage
- Visual pipeline builder with AI-driven tuning and native support for enterprise security workflows
To support faster onboarding, Onum also introduced two AI-driven features. The AI Pipeline Assistant suggests optimization and tuning recommendations based on usage patterns, while the AI Action Assistant analyzes telemetry payloads and proposes enrichment, routing, or transformation logic during pipeline creation. Together, these tools are designed to help teams iterate quickly and reduce time spent on manual configuration.
In addition, Onum launched a Marketplace of reusable pipeline components and integrations. These templates and actions—ranging from AWS CloudTrail enrichment to field-level masking for compliance—are intended to help teams deploy best-practice workflows with minimal engineering effort. All Marketplace assets are versioned and customizable.
Onum’s latest release reflects a growing demand for upstream data intelligence in environments where log volume, storage costs, and detection complexity continue to rise. Rather than competing on log compression or visualization dashboards, Onum focuses on real-time control and policy enforcement at the ingestion layer, allowing teams to filter noise, enrich signal, and act in milliseconds.
“Security and platform teams don’t need another place to send data. They need a better way to shape and use it in real time,” said Castillo. “We’re building for teams who need more than visibility—they need speed and control.”
Source: prweb