Author Archive

Splunk and New Relic Power Digital Business Success

New Integration Unifies Machine Data Analytics and Performance Monitoring to Power Digital Transformation and Business

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, and New Relic Inc., the digital intelligence leader, today announced a strategic alliance and a new integration to help enterprises improve customer experiences and drive revenues. The Splunk App for New Relic, available today as a preview release on Splunkbase, gives developers and IT operations teams a comprehensive view into both application performance and infrastructure health with seamless sharing of data across both Splunk® and New Relic platforms.

The Splunk Platform collects, analyses and visualises machine data from all levels of the IT stack, including applications, infrastructure and wire data on the network so organisations can make business critical decisions tied to troubleshooting, reliability and planning. New Relic’s Digital Intelligence platform collects and traces data from agents inside application code and infrastructure so organisations can make decisions on customer experience, application dependencies and code performance. Both solutions support cloud, hybrid and on-premises data center architectures.

Unifying machine data analytics with application tracing and performance metrics enables IT and business stakeholders to experience a faster time-to-value through visualising data across both platforms. The Splunk App for New Relic integration enables developers and IT operations teams to quickly identify issues, reduce mean-time-to-resolution (MTTR) and proactively improve customer experiences. The result is improved revenues and expanded resources for engineering teams to drive a faster pace of innovation for their end users.

“Machine data is the fuel for digital transformation and those organisations capitalising on the opportunity are leading the way in IT by monitoring and troubleshooting application performance, often with both Splunk and New Relic,” said Rick Fitz, senior vice president of IT Markets, Splunk. “The partnership enables our joint customers to gain value faster, whether their applications run on-premises or on the cloud. The integration breaks down silos within IT teams to be able to fully leverage both data and workflow insights across the platforms to gain deeper insights with fewer steps.”

“New Relic’s agent data provides visibility into the dependencies across customer experience to application code to infrastructure. When combined with machine data from Splunk, our joint customers will be able to troubleshoot and innovate faster,” said Jim Gochee, chief product officer, New Relic. “We have heard from many customers that they want to standardise the tools and streamline the processes they use to run digital businesses, and today we’re making it possible with an all-in-one integration between two market-leading platforms.”

Melillo Consulting, an experienced technology solutions integrator, works with Splunk and New Relic customers. “Organisations embracing digital business strategies require unified data analysis across all levels of their IT stack, including applications and infrastructure, to ensure they can make informed, business-critical decisions,” said Dan Sytsma, vice president and general manager, Melillo Consulting. “One of the most frequent requests we receive from our customers stems from the desire to seamlessly integrate data across both Splunk and New Relic platforms. The Splunk App for New Relic gives our customers detailed application performance insight to complement machine data analytics insight across the technology stack, without the manual integrations previously required.”

To download the Splunk App for New Relic, click here.

Splunk Recognised as a Leader in Security Analytics by Independent Research Firm

Splunk Enterprise Security Receives Highest Possible Score for Real-Time Monitoring, Scalability and Detection Technologies

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced its position as a Leader in The Forrester Wave™: Security Analytics Platforms, Q1 2017 report. The report evaluates the most significant security analytics (SA) providers based on current offering, strategy and market presence. To view the complete report, visit the Splunk website.

According to the report, “Enterprises widely deploy Splunk as a log management and search tool for infrastructure and operations use cases in addition to security use cases … Enterprises with advanced security teams and complex logging requirements should consider Splunk.” The report also states, “Security analytics platforms give [security and risk] pros the ability to detect, investigate, and respond to cyber security threats. Speeding detection and hastening the investigation process enables faster response, lessening the impact of cyber attacks.”

For this report, Forrester evaluated Splunk Enterprise 6.5 and Splunk Enterprise Security (ES) 4.5. As a leader, Splunk received a 5.0 out of 5.0 in 17 criteria, including real-time monitoring, infrastructure, log management, scalability, and dashboard and reporting.

“Splunk introduced security analytics to the market several years ago directly in response to customer feedback and market dynamics, which have increasingly been centred on making data actionable. We’re proud to help customers around the world make sense of their data and embrace an analytics-driven approach to security,” said Haiyan Song, senior vice president of Security Markets, Splunk. “As organisations seek out solutions to help them detect, respond and hunt for threats faster than ever, many organisations have chosen Splunk to act as their nerve centre for security operations. We believe that Forrester has recognised the value Splunk brings to our customers. In our view, this report further validates how imperative it is to have analytics-powered technologies like Splunk at the heart of the Security Operations Center.”

Splunk customers use a platform-oriented approach to gain a wide range of analytics capabilities through Splunk Enterprise, Splunk ES, the machine learning toolkit and Splunk User Behavior Analytics (UBA). This provides users with insight into machine-generated data, including network, endpoint, access, anti-malware, vulnerability and identity information. Ultimately, this gives users the necessary analytics, flexibility and customization in their SOCs to manage and hunt security threats in real-time.

In Forrester’s 36-criteria evaluation of security analytics vendors, the research firm identified what they deem the 11 most significant providers in the category and researched, analysed and scored them. The Forrester Wave: Security Analytics Platforms report assesses the state of the security analytics market, and details findings about how well each vendor fulfils the criteria and where each fits in relation to each other.

To learn more about analytics-driven security and Splunk ES, download the report at the Splunk website.

Forrester Research, Inc., The Forrester Wave™: Security Analytics, by Joseph Blankenship with Stephanie Balaouras, Bill Barringham and Peter Harrison; March 6, 2017

Splunk Takes Home Excellence Award for Best Enterprise Security Solution at SC Awards 2017

Splunk Earns Recognition from SC Magazine for Sixth Consecutive Year

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, announced today that Splunk® Enterprise Security (Splunk ES) won the Excellence Award for Best Enterprise Security Solution at the SC Awards 2017.

“We are honored that Splunk ES earned this prestigious recognition as the Best Enterprise Security Solution by SC Media. The award is further testament that organisations around the world are hungry for analytics-driven security solutions that can detect and respond to threats while enabling real-time decision-making across security operations,” said Haiyan Song, senior vice president of security markets, Splunk. “As advanced cyber adversaries find new avenues to penetrate valuable data, it’s crucial that businesses can visualise and respond to threats faster than ever – which is why so many organisations rely on Splunk to help protect their data.”

Winners in the Excellence Award category of the SC Awards were selected by a panel of IT security experts from both the private and public sector. During the judging process, each finalist went through a rigorous evaluation that included in-depth analysis, analyst reports and/or product reviews. After a thorough and comprehensive analysis of each finalist’s strengths, Splunk’s Enterprise Security Solution was chosen as the winner of an Excellence Award in the Best Enterprise Security Solution category.

Splunk customers use ES as their security nerve centre, combining Splunk’s core security and information event management (SIEM) functionality with Splunk User Behavior Analytics (UBA). With Splunk ES, security analysts get insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information, which arms teams with deep investigative and rapid response capabilities. This combined platform provides security analysts with a comprehensive solution that sits at the heart of the Security Operations Center (SOC) to improve threat detection and reduce time to resolution.

“Winning an Excellence Award represents hours, weeks and months of hard work, problem solving and dedication,” said Illena Armstrong, VP, editorial, SC Media. “We are proud to recognise Splunk for its outstanding contribution to the IT security landscape.”

Splunk ES was also a SC Awards Finalist for Best SIEM and Splunk UBA was a Finalist for Best Behavior Analytics/Enterprise Threat Detection. This caps a year of strong industry recognition for Splunk, with Splunk ES being named a leader in the 2016 Gartner Magic Quadrant for Security Information and Event Management (SIEM) for the fourth consecutive year.

The SC Awards are recognised throughout the cyber security industry and are a crowning achievement for IT security professionals and products. Each year, hundreds of applications are reviewed and narrowed down to a select group of finalists that represent the best solutions, services and professionals working around the clock to protect today’s businesses from an ever-changing landscape of security threats. For more information and a detailed list of categories, finalists and winners, please visit http://www.scmagazine.com/awards.

Splunk Customers Find Threats Faster with Adaptive Response

Splunk and Partners to Demonstrate New Capabilities at RSA Conference 2017

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced five new members of the Splunk Adaptive Response Initiative. The growing program, initially announced last year, is a best-of-breed security initiative helping organisations better analyse, assess and respond to advanced attacks within their Security Operations Center (SOC). New members integrate security policy management, incident response and endpoint security capabilities and include AlgoSec, Demisto, RedSeal, Resolve Systems and Symantec (Advanced Threat Protection).

Increasingly sophisticated cyber threats like ransomware and attacks on the Internet of Things (IoT) security are disrupting and negatively impacting businesses across the globe. To detect and respond to these threats, businesses often rely upon point security solutions when a communicative multi-vendor environment is required to gain end-to-end threat visibility. The Adaptive Response framework provided by Splunk Enterprise Security (Splunk ES) orchestrates a wide range of security capabilities, enabling point solutions to work better together. One example of this is through ForeScout, a Splunk partner and Adaptive Response member that gives joint customers such as Brown-Forman visibility and control of devices connecting to its network in order to detect threats and execute a response faster than ever before.

“Leveraging the ForeScout Extended Module for Splunk via Adaptive Response, we can increase our holistic data defence and security to minimise the impact of malware and data breaches,” said Clayton Colwell, associate security engineer, Brown-Forman Corporation. “With these bi-directional communications, we anticipate even higher real-time visibility. This will enable us to minimise the time and resources needed to respond to emerging threats.”

Since its launch in 2016, the Adaptive Response Initiative has brought together over 20 industry leading security domains covering a wide range of security technologies, including next-generation firewall (NGFW), endpoint security, threat intelligence, identity management, incident response and more. By working together through Splunk ES, the initiative enables customers to analyse and correlate a wide range of data across their multi-vendor environments. By leveraging Splunk’s Adaptive Response framework, these customers and partners gain insights into all relevant data, helping security analysts discover new ways to gain end-to-end context and improve security posture.

“Digital transformation is forcing organisations to strengthen their security posture through security analytics. While thousands of organisations rely on Splunk to analyse, assess and respond to threats, we cannot fight them alone,” said Haiyan Song, senior vice president of security markets, Splunk. “Security is a team sport. It is more important than ever for industry-leading technologies in our Adaptive Response Initiative to work together and help organisations detect and defend themselves from growing cyber threats. We welcome our new Adaptive Response members and look forward to working with them to satisfy this critical market requirement.”

For more information, visit the Splunk website for a complete list of security technologies involved in the Adaptive Response Initiative.

Splunk Ranked #1 in Worldwide IT Operations Analytics Software Market Share

Second Year in a Row

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has been ranked number one in worldwide IT Operations Analytics (ITOA) software market share for 2015 by IDC, a leading provider of global IT research and advice. The IDC report* states that Splunk® software and cloud services claimed the top market share with 28.5 percent. This is IDC’s second study of vendor revenues and market shares in the rapidly growing ITOA software market. For the second year in a row, Splunk holds the greatest share of the market.

According to the IDC report authored by Tim Grieser and Mary Johnston Turner: “The company [Splunk] achieved rapid growth driven by expansion in log management and analysis capabilities. The number of data sources, data volumes, and use cases continued to expand driving increased customer adoption. Splunk has invested in solutions for Hadoop, mobile, real-time wire, and security. Splunk supports pre-packaged content and visualisation for a variety of use cases including IT operations and APM. This is making Splunk-based analytics available to an increasing variety of IT and business users.”

“We have seen rapid adoption of Splunk IT Service Intelligence (ITSI), which helped cement Splunk’s position as the number one market share leader for 2015 in the emerging ITOA market,” said Rick Fitz, senior vice president of IT markets, Splunk. “The latest IDC report is a strong proof point for the success our customers and partners experience with an analytics-driven approach to understanding and responding to complex enterprise environments.”

Splunk Enterprise and Splunk Cloud enable organisations to consolidate silos of machine data and use analytics to improve IT service health, reduce costs, resolve problems faster and drive critical business decisions. Splunk IT Service Intelligence, built on the powerful Splunk platform, is a machine learning-powered monitoring solution that employs analytics to help organisations find root cause faster and lower mean-time-to-resolution by providing unified service visibility, detecting emerging problems, and simplifying incident investigations and workflows.

Visit the Splunk website to learn how customers like Cox Automotive, Cardinal Health, and Surrey Satellite Technology (SSTL) use analytics from Splunk ITSI to gain real-time insights and increase IT operational efficiencies. Learn more about IT Operations Analytics with Splunk Enterprise and Splunk Cloud by visiting the Splunk website.

* IDC, Worldwide IT Operations Analytics Software Market Shares, 2015: Special Report (doc #US41663816 August 2016)

Personal Use Dev/Test Licenses for Splunk Enterprise and Splunk Cloud Customers

Given customers the freedom to explore with Splunk 6.5

Want to experiment with new data sources and start new projects? Splunk will soon provide paying customers with individual Development/Test (Dev/Test) licenses of Splunk Enterprise for non-production use.

Splunk will provide paying customers with personalised 50GB, 6-month term Dev/Test licenses for non-production use. These licenses will enable individual users within the organisation to experiment with new data sources, as well as encourage other users in the organisation to try out Splunk in a frictionless manner.

These are personalised licenses that are specific to an individual user within each paid customer account. Each user can only have one active Dev/Test license at a time.

Customers can acquire these licenses starting in early November 2016. The Dev/Test license is not stackable and has certain feature limitations.

Customers should pre-register their interest with Rivium by contacting your Rivium Account Manager and we can provide you with pre-registration details.

Splunk Removes Metered Enforcement in Splunk Enterprise

To optimize customer experience and satisfaction, Splunk Enterprise will no longer shut off search when a customer goes over their licensed data ingestion capacity.

This does not change a customers agreement with Splunk. All aspects of Splunks licensing remain the same: customers will still get license overage warnings and Splunk are retaining the Right to Audit language in the end user license agreement.

In order to enable this functionality, customers will need Splunk Enterprise 6.5 inclusive of a license key with this feature. All new, upgrade, or expansion orders booked on or after September 26, 2016 will receive keys with enforcement turned off. Existing customers can receive this same benefit by upgrading to Enterprise 6.5 and requesting a “no enforcement” key from their Splunk Rep or Splunk Authorized Partner after September 26, 2016.

The disabled enforcement applies to all traditional commercial, MSP, EDU, and Non-Profit licenses. Cloud behavior will not change with this announcement. Hard software enforcement (where we shut down search capabilities) remains on Dev/Test, Free, Developer, Trial and NFR licenses.

Splunk is passionate about customer satisfaction and this will ensure Splunk is available during a customers’ most critical times of need.

For assistance with upgrading your current environment to Splunk 6.5 and to obtain a “no enforcement” key, please contact your Rivium Account Manager.

Splunk Expands Adaptive Response Initiative to Strengthen Enterprise Security

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced the expansion of the Adaptive Response Initiative. The initiative, announced earlier this year, brings together leading vendors, leveraging end-to-end context and automated response to help organizations better combat advanced attacks through a unified defense. Acalvio, Anomali, Cisco, CrowdStrike, DomainTools, ForeScout, Okta, Proofpoint, Qualys, Recorded Future and Symantec have now joined the Splunk initiative, bringing together many new capabilities to enterprise security.

“More and more organizations are embracing Splunk® Enterprise Security (ES) as the nerve center of their Security Operations Center (SOC). It is important that we enable collaborative architectures so our customers can extend analytics-driven decisions across a multi-vendor security technology stack,” said Haiyan Song, senior vice president of security markets, Splunk. “Splunk welcomes the new participants of the Adaptive Response Initiative and is excited to deliver the new framework in Splunk ES. This helps the security industry to work closer together while helping organizations to leverage intelligence and automation to better defend against attacks.”

Advanced cyber adversaries are continuously leveraging new attack methods that span multiple domains, launching devastating attacks that often leave enterprises vulnerable. Despite advancements in security technologies, most solutions are not designed to work together out-of-the-box, making it challenging to coordinate a response. By leveraging adaptive security architecture, the Adaptive Response framework in Splunk ES provides end-to-end context and automated response across twenty of the world’s leading security technologies – enabling customers to quickly detect threats and execute response.

“The pace and variety of today’s cyberattacks combined with a wide range of security tools in the typical enterprise make for a daunting challenge for security professionals. For real visibility and a truly actionable approach, enterprises demand a level of multi-vendor integration across silos and tools that goes beyond the efforts of the past,” said Scott Crawford, research director of Information Security, 451 Research. “The Adaptive Response capabilities in Splunk Enterprise Security provide the centerpiece of a flexible, ecosystem-driven approach to combat advanced attacks through a more coordinated, automated response.”

Splunk Empowers IT, Security and Business Teams with Better Data Decisions from Machine Learning

Machine Learning Capabilities Drive New Versions of Splunk Products

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced new versions of Splunk® Enterprise, Splunk IT Service Intelligence (ITSI), Splunk Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Available on-premises or in the cloud, the newest versions of Splunk solutions leverage machine learning to make it faster and easier to maximize the value machine data can deliver to organizations.

Machine learning is bringing big data analytics into a new era, and Splunk is enabling companies to use predictive analytics to help optimize IT, security and business operations. Machine learning is being integrated as a core capability of the Splunk portfolio with packaged or custom algorithms to operationalize machine data in a variety of valuable use cases such as:

Focused Investigation: Identify and resolve IT and security incidents by automatically detecting anomalies and patterns in data.
Intelligent Alerting: Reduce alert fatigue by identifying normal patterns for specific sets of circumstances.
Predictive Actions: Anticipate and react to circumstances such as proactive maintenance that might otherwise disrupt operations or revenue.
Business Optimization: Forecast demand, manage inventory and react to changing conditions through analysis of historical data and models.

“Digital transformation has changed the way that organizations work. The big secret is that all of the change is underpinned by machine data. Machine learning enables organizations to get deeper insights from their machine data and ultimately increases the opportunity our customers can gain from digital transformation,” said Doug Merritt, President and CEO, Splunk. “The enterprise machine data fabric is the foundation for managing and deriving insights from that data at scale – and only Splunk provides the end-to-end analytics platform and ecosystem to support it.”

“At Intuit, we have grown and thrived for over thirty years by constantly transforming and re-inventing ourselves. Splunk has been a key technology in our journey for nearly ten years,” said Brian Ellison, vice president and chief architect at Intuit. “Hundreds of our employees go to Splunk solutions every day for answers and insights into complex IT and business questions. Splunk’s use of machine learning will strengthen its platform and can drive more value for our employees and customers.”

“Splunk supports pre-packaged content and visualizations for a wide variety of use cases, including IT operations, security and business analytics,” said Jason Stamper, data platforms and analytics analyst, 451 Research. “This is making Splunk-based analytics available to an increasing variety of IT and business users. With a broad integration of machine learning, Splunk provides a comprehensive answer to one of the biggest challenges facing modern organizations: how to harness diverse, prevalent and increasingly profuse amounts of data to gain valuable business insights.”

Splunk Cloud and Splunk Enterprise 6.5: New Innovations in Machine Learning and Data Analysis

Splunk Cloud and Splunk Enterprise make it even faster and easier to maximize the value of machine data. Splunk Cloud and Splunk Enterprise 6.5, generally available today, now provide custom machine learning and deliver a totally new user experience for data analysis and preparation, and much more. With Splunk Enterprise 6.5, customers can:

– Harness the power of machine learning with advanced analytics delivered by a rich set of commands and a guided workbench to create custom machine learning models for IT, security and business use cases.
– Simplify data preparation and expand data analysis to a wider range of users with a new intuitive interface and table data views designed for both specialist and occasional users.
– Lower on-premises TCO through tighter integration with Hadoop. Organizations can now roll historical data to Hadoop and utilize hybrid search to analyze all of their data in Splunk.

Download Splunk Enterprise or try Splunk Cloud today. You can learn more about what’s new in Splunk Enterprise 6.5 and Splunk Cloud on the Splunk website.


Splunk ITSI: Simplify Operations, Prioritize Problems and Align IT Through Machine Learning

Splunk ITSI, built on the powerful Splunk Platform, is a machine learning-powered monitoring solution that employs analytics to help organizations find root cause faster and lower mean-time-to-resolution by providing unified service visibility, detecting emerging problems, and simplifying incident investigations and workflows. Splunk ITSI 2.4, generally available today, applies machine learning to event data to help improve productivity across IT and the business. Splunk ITSI can help organizations:

– Improve service operations with pre-built machine learning by baselining normal operational patterns to dynamically adapt thresholds, thereby reducing alert fatigue, improving analysis and increasing reliability.
– Present real-time service insights and drive decision making by prioritizing incidents through event analytics, such as multivariate anomaly detection, supported with business and services context.
– Gain a single view of operations with an intuitive interface that prevents costly customizations through the flexibility, speed and scale of the Splunk platform.

Sign up for a free online sandbox of Splunk ITSI or learn more about Splunk ITSI on the Splunk website.

Splunk ES and Splunk UBA: Advance Analytics-Driven Security with Adaptive Response and Improved Threat Detection

Splunk advances its analytics-driven security vision and security analytics leadership with the new releases of Splunk ES and Splunk UBA. Splunk ES 4.5 provides a common interface for automating retrieval, sharing and response in multi-vendor environments. Splunk UBA 3.0 delivers new machine learning models, additional data sources and content updates of use cases. Splunk security updates help customers:

– Improve detection, investigation and remediation times by centrally automating retrieval, sharing and response through Adaptive Response and analytics-driven decision making in Splunk ES.
– Simplify analysis by understanding the impact of security metrics within a logical or physical Glass Table view in Splunk ES.
– Improve threat detection with use case updates in Splunk UBA, and gain targeted detection by prioritizing outcomes generated by packaged machine learning-based anomaly detection.

Splunk ES 4.5 and Splunk UBA 3.0 will be generally available by October 31. Learn more about Splunk ES and Splunk UBA on the Splunk website.

Splunk Named a Leader in 2016 Gartner Magic Quadrant for SIEM

Splunk Positioned Furthest in Completeness of Vision in Security Information and Event Management (SIEM) Category

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has been named a leader in Gartner’s 2016 Magic Quadrant for Security Information and Event Management (SIEM)* for the fourth straight year. Splunk is positioned as having the furthest completeness of vision in the Leaders quadrant. Gartner evaluated the Splunk security portfolio, including Splunk® Enterprise and Splunk Enterprise Security (ES). To view the report, go to the Splunk website.

“The need for early targeted attack detection and response is driving the expansion of new and existing SIEM deployments. Advanced users seek SIEM with advanced profiling, analytics and response features,” write Gartner report authors Kelly Kavanagh, principal research analyst, Toby Bussa, research director and Oliver Rochford, research director.

“After being named a leader in the Gartner Magic Quadrant for SIEM for four years running, Splunk is honored to now be positioned furthest for completeness of vision,” said Haiyan Song, senior vice president of security markets, Splunk. “We believe this industry-leading position is a reflection of the market fully embracing an analytics-driven approach to security, a testament to the strength of our security platform and the success our customers have achieved. As we continue to introduce new capabilities such as Adaptive Response, we will further strengthen the security posture of Splunk ES as the nerve center for security operations.”

To protect against advanced threats coming from motivated attackers, many modern enterprises are using Splunk as the nerve center of their Security Operations Center (SOC), and are complementing it with the addition of Splunk User Behavior Analytics (UBA) to automatically detect cyber attacks and insider threats. This expanded analytics-driven approach helps organizations to accelerate the analysis, detection and response to threats.