Splunk Customers Find Threats Faster with Adaptive Response

Splunk and Partners to Demonstrate New Capabilities at RSA Conference 2017

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced five new members of the Splunk Adaptive Response Initiative. The growing program, initially announced last year, is a best-of-breed security initiative helping organisations better analyse, assess and respond to advanced attacks within their Security Operations Center (SOC). New members integrate security policy management, incident response and endpoint security capabilities and include AlgoSec, Demisto, RedSeal, Resolve Systems and Symantec (Advanced Threat Protection).

Increasingly sophisticated cyber threats such as ransomware and attacks on Internet of Things (IoT) security are disrupting and negatively impacting businesses across the globe. To detect and respond to these threats, businesses often rely upon point security solutions when a communicative multi-vendor environment is required to gain end-to-end threat visibility. The Adaptive Response framework provided by Splunk Enterprise Security (Splunk ES) orchestrates a wide range of security capabilities, enabling point solutions to work better together. One example is ForeScout, a Splunk partner and Adaptive Response member that gives joint customers such as Brown-Forman visibility and control of devices connecting to their networks in order to detect threats and execute a response faster than ever before.

“Leveraging the ForeScout Extended Module for Splunk via Adaptive Response, we can increase our holistic data defence and security to minimise the impact of malware and data breaches,” said Clayton Colwell, associate security engineer, Brown-Forman Corporation. “With these bi-directional communications, we anticipate even higher real-time visibility. This will enable us to minimise the time and resources needed to respond to emerging threats.”

Since its launch in 2016, the Adaptive Response Initiative has brought together over 20 industry-leading security domains covering a wide range of security technologies, including next-generation firewall (NGFW), endpoint security, threat intelligence, identity management, incident response and more. By working together through Splunk ES, the initiative enables customers to analyse and correlate a wide range of data across their multi-vendor environments. By leveraging Splunk’s Adaptive Response framework, these customers and partners gain insights into all relevant data, helping security analysts discover new ways to gain end-to-end context and improve security posture.

“Digital transformation is forcing organisations to strengthen their security posture through security analytics. While thousands of organisations rely on Splunk to analyse, assess and respond to threats, we cannot fight them alone,” said Haiyan Song, senior vice president of security markets, Splunk. “Security is a team sport. It is more important than ever for industry-leading technologies in our Adaptive Response Initiative to work together and help organisations detect and defend themselves from growing cyber threats. We welcome our new Adaptive Response members and look forward to working with them to satisfy this critical market requirement.”

For more information, visit the Splunk website for a complete list of security technologies involved in the Adaptive Response Initiative.