Originally Published by Clabby Analytics July 15, 2015

Evolven: Blended Analytics for IT’s “Unknown Unknowns”

July 15, 2015 by Jane Clabby, Clabby Analytics

Evolven, a leading IT Operations Analytics vendor announced Blended Analytics, a solution that

combines all relevant data/sources across IT silos (including performance, log, network, deployment

automation, service desk and CMDB), correlates them with change data and applies powerful analytics to

find the true root causes of performance and availability issues.

Why is this important? Enterprises are missing the “unknown unknowns” – issues they have never seen

before and can’t afford to continue missing. By collecting and analyzing data from this broad range of

sources and combining it with information about what has changed, Evolven reports that troubleshooting

resolution times can be reduced by up to 50%, and the number of incidents can be reduced by as much

as 35%, thus improving both mean time to repair (MTTR) and to prevent problems before they impact

users.

Background

Founded in 2007, Evolven is headquartered in Jersey City, New Jersey, and is privately held, backed by

leading venture capital firms Pitango Venture Capital and Index Ventures. Evolven sells to medium to

large enterprises, particularly in the Financial, Banking, Insurance, Pharmaceutical, and Healthcare

industries where IT infrastructure is dynamic and complex as well as being critical to the business. The

typical Evolven client can have from hundreds to tens of thousands of production servers located on-

premise and/or in the cloud. The company’s customers include Barclays, JPMorganChase, Chubb,

Deloitte, IMS Health, ING, Southboro Medical Group and others.

In general, the CIO, CTO, or Head of Operations makes the purchase decision but Evolven users come

from all the IT teams including DevOps, Service Management, Change Management, QA, and others.

Rather than having any direct competitors, Evolven offers an alternative to other approaches to problem

identification and resolution. For example, some potential customers focus on deployment automation

(actually increasing pace of change and complexity of root cause analysis) or APM tools (identify an area

of the issue but not the true root cause). Evolven’s ability to track end-to-end granular changes and

correlate and analyze change information with other operational symptoms and IT context data is what

differentiates the company from those approaches and vendors..

Blended Analytics – A Closer Look

Evolven’s Blended Analytics (See diagram, next page) correlates and analyzes cross-silo data sources to

deliver IT operations insights. After blending relevant data sources and correlating with change data,

advanced analytics based on machine learning, anomaly detection and domain specific heuristics help to

transform this data into meaningful, actionable information.

Originally Published by Clabby Analytics July 15, 2015

Evolven reports that 95% of incidents are caused by change. By incorporating related change data with

other collected operational data including “symptoms” such as data collected by APM tools (Dynatrace,

AppDynamics, NewRelic, for example), log and network management tools and information about IT

context including CMDB, Deployment Automation, and Service desk, Evolven can either resolve

problems more quickly or even fix them before they affect users.

Evolven Blended Analytics Model

It is Evolven’s technology that collects information about changes – tracking, correlating and analyzing all

changes, end-to-end from application to infrastructure at the most granular level, in order to quickly find

the root cause. Examples of changes include:

Configuration: Causing configuration issues

Data: Unexpected data inputs and structure, data anomalies, size of data

Capacity: Insufficient resources causing system failures and slowdown

Workload: Unexpected transactions distribution, sequence or volume

Code: Introducing new defects

Data is collected non-intrusively in near real-time. According to Evolven, customers typically select from

15 minutes to 1 hour as the interval for data collection. Data is cleansed to eliminate any “noise” and

irrelevant or insignificant data, and then similar events and key performance indicators (KPIs) are

clustered. Finally, data from each source is normalized and put into a similar format for analysis.

Originally Published by Clabby Analytics July 15, 2015

The Evolven analytics engine (See diagram next page) calculates a risk score for each change dimension

and blended data source. Using machine learning-based anomaly detection, statistic and heuristic

algorithms, and a knowledge base incorporating subject matter expert (SME) input, dimensions are given

a risk score and are ranked based on that score. Risk may be predicted based on the type of change,

frequency of change, what is affected by the change etc.

From this data an integrated risk score is calculated. For example, this change related to this alert has an

X% chance of being the root cause. Note that the actual change must be used to calculate risk – the

system cannot look ahead to predict the impact of a particular change that is not deployed yet. “What-if”

analysis of this type is planned for a future release.

Evolven Blended Analytics – Change-Centric Risk Analysis

The solution is available either on-premise or in a software-as-a-service (SaaS) model. The same

functionality on the same release schedule is offered regardless of delivery model.

Originally Published by Clabby Analytics July 15, 2015

Evolven Use Cases Troubleshooting – By identifying what has changed in a unified correlated view and applying

analytics multi-dimensional risk analysis to identify critical changes that carry the most risk, root

cause diagnosis is accelerated (up to 50% faster according to Evolven).

Prevent incidents – With changes being tracked and ranked according to risk as they happen,

Evolven analytics look for anomalies and patterns and issue risk alerts that can eliminate

incidents proactively (up to 35% fewer incidents, according to Evolven). Analytics can be applied

across environments to validate environment consistency (for example, production vs DR; new

server vs. golden baseline; across cluster).

DevOps – Individual changes, patches, and releases can be validated to ensure that they are

applied correctly and consistently. Automated consistency reports improve deployment efficiency.

The software links changes with post-release stability issues so that they can be quickly resolved

(error-free releases are attained up to 25% faster according to Evolven).

Automated Audit – An end-to-end audit trail is automatically created for reliable identification of

unauthorized changes and quick alerting of high-risk changes (75% less manual effort required

according to Evolven).

Summary Observations

The market for IT Operations Analytics is evolving, with many vendors trying to gain a share of the

growing market. APM vendors are adding analytics capabilities to their performance monitoring tools;

analytics vendors are adding new data sources such as Internet of Things (IoT) data to their analytics

platforms; while others are offering easy-to-deploy/manage SaaS delivery models to entice customers.

By offering a solution that is “change-centric”, Evolven has zeroed in on the dynamic nature of today’s IT

environments. Virtualized and cloud-based infrastructure is constantly changing to address new

workloads and new applications. DevOps methodologies introduce new code at much more frequent

intervals, and users are more demanding with expectations of rapid response time and no downtime.

Evolven’s Blended Analytics addresses these requirements with a solution that is cross-silo, focused on

change data, and analytics-driven to provide actionable insights that quickly identifies root causes and

sets the scene for correcting or entirely preventing the problems.

About the Author: Jane Clabby

Jane Clabby has been in the computer industry for 25 years. She worked at both Data

General and EMC in a variety of positions including product management, marketing

research, business development, and marketing communications. In her five years at

Clabby Analytics, she has covered storage, storage management, software defined

infrastructure, cloud computing, and application performance management in her role

as a research analyst. Jane received her BA from Williams College and an MBA from

Boston University.