Evolven: Blended Analytics for IT’s “Unknown Unknowns”

By Jane Clabby, Clabby Analytics

On July 8, Evolven, a leading IT Operations Analytics vendor announced Blended Analytics, a solution that combines all relevant data/sources across IT silos (including performance, log, network, deployment automation, service desk and CMDB), correlates them with change data and applies powerful analytics to find the true root causes of performance and availability issues.

Why is this important? Enterprises are missing the “unknown unknowns” – issues they have never seen before and can’t afford to continue missing. By collecting and analyzing data from this broad range of sources and combining it with information about what has changed, Evolven reports that troubleshooting resolution times can be reduced by up to 50%, and the number of incidents can be reduced by as much as 35%, thus improving both mean time to repair (MTTR) and to prevent problems before they impact users.


Founded in 2007, Evolven is headquartered in Jersey City, New Jersey, and is privately held, backed by leading venture capital firms Pitango Venture Capital and Index Ventures. Evolven sells to medium to large enterprises, particularly in the Financial, Banking, Insurance, Pharmaceutical, and Healthcare industries where IT infrastructure is dynamic and complex as well as being critical to the business. The typical Evolven client can have from hundreds to tens of thousands of production servers located on-premise and/or in the cloud. The company’s customers include Barclays, JPMorganChase, Chubb, Deloitte, IMS Health, ING, Southboro Medical Group and others.

In general, the CIO, CTO, or Head of Operations makes the purchase decision but Evolven users come from all the IT teams including DevOps, Service Management, Change Management, QA, and others. Rather than having any direct competitors, Evolven offers an alternative to other approaches to problem identification and resolution. For example, some potential customers focus on deployment automation (actually increasing pace of change and complexity of root cause analysis) or APM tools (identify an area of the issue but not the true root cause). Evolven’s ability to track end-to-end granular changes and correlate and analyze change information with other operational symptoms and IT context data is what differentiates the company from those approaches and vendors.

Blended Analytics – A Closer Look

Evolven’s Blended Analytics (See diagram, next page) correlates and analyzes cross-silo data sources to deliver IT operations insights. After blending relevant data sources and correlating with change data, advanced analytics based on machine learning, anomaly detection and domain specific heuristics help to transform this data into meaningful, actionable information.

Evolven reports that 95% of incidents are caused by change. By incorporating related change data with other collected operational data including “symptoms” such as data collected by APM tools (Dynatrace, AppDynamics, NewRelic, for example), log and network management tools and information about IT context including CMDB, Deployment Automation, and Service desk, Evolven can either resolve problems more quickly or even fix them before they affect users.

Evolven Blended Analytics Model

evolven model

Source: Evolven 2015

It is Evolven’s technology that collects information about changes – tracking, correlating and analyzing all changes, end-to-end from application to infrastructure at the most granular level, in order to quickly find the root cause. Examples of changes include:

  • Configuration: Causing configuration issues
  • Data: Unexpected data inputs and structure, data anomalies, size of data
  • Capacity: Insufficient resources causing system failures and slowdown
  • Workload: Unexpected transactions distribution, sequence or volume
  • Code: Introducing new defects

Data is collected non-intrusively in near real-time. According to Evolven, customers typically select from 15 minutes to 1 hour as the interval for data collection. Data is cleansed to eliminate any “noise” and irrelevant or insignificant data, and then similar events and key performance indicators (KPIs) are clustered. Finally, data from each source is normalized and put into a similar format for analysis.

The Evolven analytics engine (See diagram next page) calculates a risk score for each change dimension and blended data source. Using machine learning-based anomaly detection, statistic and heuristic algorithms, and a knowledge base incorporating subject matter expert (SME) input, dimensions are given a risk score and are ranked based on that score. Risk may be predicted based on the type of change, frequency of change, what is affected by the change etc.

From this data an integrated risk score is calculated. For example, this change related to this alert has an X% chance of being the root cause. Note that the actual change must be used to calculate risk – the system cannot look ahead to predict the impact of a particular change that is not deployed yet. “What-if” analysis of this type is planned for a future release.

Evolven Blended Analytics – Change-Centric Risk Analysis

evolven change centric

Source: Evolven 2015

The solution is available either on-premise or in a software-as-a-service (SaaS) model. The same functionality on the same release schedule is offered regardless of delivery model.

Evolven Use Cases

  • Troubleshooting – By identifying what has changed in a unified correlated view and applying analytics multi-dimensional risk analysis to identify critical changes that carry the most risk, root cause diagnosis is accelerated (up to 50% faster according to Evolven).
  • Prevent incidents – With changes being tracked and ranked according to risk as they happen, Evolven analytics look for anomalies and patterns and issue risk alerts that can eliminate incidents proactively (up to 35% fewer incidents, according to Evolven). Analytics can be applied across environments to validate environment consistency (for example, production vs DR; new server vs. golden baseline; across cluster).
  • DevOps – Individual changes, patches, and releases can be validated to ensure that they are applied correctly and consistently. Automated consistency reports improve deployment efficiency. The software links changes with post-release stability issues so that they can be quickly resolved (error-free releases are attained up to 25% faster according to Evolven).
  • Automated Audit – An end-to-end audit trail is automatically created for reliable identification of unauthorized changes and quick alerting of high-risk changes (75% less manual effort required according to Evolven).

Summary Observations

The market for IT Operations Analytics is evolving, with many vendors trying to gain a share of the growing market. APM vendors are adding analytics capabilities to their performance monitoring tools; analytics vendors are adding new data sources such as Internet of Things (IoT) data to their analytics platforms; while others are offering easy-to-deploy/manage SaaS delivery models to entice customers.

By offering a solution that is “change-centric”, Evolven has zeroed in on the dynamic nature of today’s IT environments. Virtualized and cloud-based infrastructure is constantly changing to address new workloads and new applications. DevOps methodologies introduce new code at much more frequent intervals, and users are more demanding with expectations of rapid response time and no downtime. Evolven’s Blended Analytics addresses these requirements with a solution that is cross-silo, focused on change data, and analytics-driven to provide actionable insights that quickly identifies root causes and sets the scene for correcting or entirely preventing the problems.


Leave a Reply

Your email address will not be published. Required fields are marked *