Navigating the Maze of Incumbent Pricing Models in IT and Security

May 13, 2024
Written by
Nick Heudecker's Image

Nick Heudecker leads market strategy and competitive intelligence at Cribl. Prior to join... Read Moreing Cribl, he spent over seven years as an industry analyst at Gartner, covering the data and analytics market. With over twenty years of experience, he has led engineering and product teams across multiple successful startups in the media and advertising industries. Read Less

Categories: Learn

This is the second in a series of blog posts about the disconnect between modern IT and security teams and the vendors they’re forced to work with. If you’re looking for the first and last posts, you can find it here and here

In the dynamic world of managing observability and telemetry data, pricing models for tools and platforms are showing their age, creating a significant disconnect between vendors and the IT and security teams they serve. This disconnect centers around the punitive pricing models that have become the norm in the industry. Let’s dive into the details of these outdated pricing strategies and explore the implications for enterprises striving to manage their data effectively.

The Pitfalls of Average Daily Ingest Pricing

The first prevalent model we encounter is based on the average daily ingest of data. At first glance, it seems logical – pay for what you use, right? However, as data volumes swell, this model favors vendors, placing a financial strain on end users. Organizations find themselves trimming down the number of inbound data sources to keep costs manageable. After all, who hasn’t turned off ingesting noisy data sources as the end of the month approaches? Even worse, many enterprises avoid ingesting targeted data sources, like firewall logs, given the cost that storing them would entail. And considering that a significant portion of all observability data is duplicated, the financial sustainability of this model is unsustainable for large enterprises.

The Hidden Costs of Workload-Based Pricing

Moving away from ingest limitations, workload-based pricing looks like a viable alternative, especially for procurement teams. Here, costs are incurred each time IT and security teams access their data, a method that ostensibly bypasses the pitfalls of ingest-based pricing. Yet, this model introduces unpredictability related to demand. High-demand scenarios, such as application outages or security incidents requiring extensive data analysis, can lead to unexpected cost spikes, making predictable budget planning a nightmare for stretched teams.

The A La Carte Model: A Mixed Blessing

Lastly, the a la carte pricing model offers a seemingly affordable entry point with basic services like log management priced attractively. However, the devil is in the details. A budget log management service rarely meets all of your needs. As additional services are tacked on to meet the complex needs of diverse teams, costs can balloon, leaving enterprises facing steep bills for comprehensive data management. That $0.10/GB price may end up costing $2.50/GB or more as more options from the menu add up.

A Call for Pricing Innovation

These traditional pricing models, while beneficial for vendors in an era of escalating data volumes and complexity, leave much to be desired for the end users. The necessity for data sharing, access, and tiering data to appropriate service levels only accentuates the growing chasm between what is offered and what is needed.

As we navigate these costly waters, the call for innovation in pricing strategies is louder than ever. Enterprises require flexible, transparent, and sustainable models that align with the realities of modern data management. The journey toward more equitable pricing models is not just a pathway to cost savings; it’s a step toward enabling businesses to leverage their data more effectively without the looming threat of prohibitive costs.

In this evolving landscape, dialogue between vendors and their customers is crucial. By understanding the unique challenges faced by IT and security teams, vendors can develop pricing structures that support the diverse needs of today’s enterprises, fostering a healthier, more productive relationship between all parties involved.

If you want to see how Cribl is innovating not just technology, but how we’re making it accessible and equitable to our customers, join us at CriblCon on June 10th in Las Vegas. We’re announcing new products and features, and it’s a chance to connect with the brightest minds in cybersecurity and observability. I hope to see you there.


Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.

We offer free training, certifications, and a free tier across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started and continue to build and evolve. We also offer a variety of hands-on Sandboxes for those interested in how companies globally leverage our products for their data challenges.

Feature Image

Cribl Packs a Punch: Unpacking the Integration with Microsoft Azure Sentinel with Cribl Source and Destination Packs

Read More
Feature Image

Tackling the Unsustainable Skills Challenge in Cybersecurity and Observability

Read More
Feature Image

Finding a Better Way to Work in the Cloud!

Read More

Try Your Own Cribl Sandbox

Experience a full version of Cribl Stream and Cribl Edge in the cloud with pre-made sources and destinations.


So you're rockin' Internet Explorer!

Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari

Got one of those handy?