Splunk Named a Leader in 2015 Gartner Magic Quadrant for SIEM

Splunk Is the Only Company to Improve on Completeness of Vision

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has been named a leader in Gartner’s 2015 Magic Quadrant for Security Information and Event Management (SIEM)* for the third straight year. Splunk was the only vendor to improve its completeness of vision from last year’s results. Gartner evaluated the Splunk security portfolio, including Splunk® Enterprise and the Splunk App for Enterprise Security, used by thousands of organizations around the world. To view the report, go to: http://www.splunk.com/goto/SIEM_MQ.

According to Gartner report authors Kelly Kavanagh, principal research analyst, and Oliver Rochford, research director, “The greatest area of unmet need is effective targeted attack and breach detection. Organizations are failing at early breach detection, with more than 92 percent of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition of behavior profiling and better analytics.”

“Splunk is the only security provider to improve on completeness of vision in the Gartner 2015 SIEM Magic Quadrant which we believe serves as the latest evidence that Splunk remains at the forefront of solving advanced and emerging SIEM use cases,” said Haiyan Song, senior vice president of security markets, Splunk. “Splunk is growing well beyond the SIEM market rate, as an increasing number of companies recognize the value of taking an analytics-driven approach to security with Splunk as the nerve center. And with our recent acquisition of Caspida, Splunk is adding machine learning-based user behavioral analytics and extending our analytics-enabled SIEM to better detect advanced and insider threats.”

To protect against advanced threats, a growing number of organizations are using Splunk security analytics to augment, replace and go beyond their legacy SIEM deployments. Splunk security solutions help organizations improve the detection, response and recovery from advanced threats by providing them with broad security intelligence from data that is collected across IT, the business and the cloud.

Register now for .conf2015, the 6th Annual Splunk Worldwide Users’ Conference, featuring more than 150 sessions by 4,000 plus Splunk customers, partners, experts and employees. .conf2015 is being held September 21-24, 2015 at MGM Grand in Las Vegas.

Gartner, Magic Quadrant for Security Information and Event Management, Kelly Kavanagh, Oliver Rochford, July 20, 2015. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Splunk Acquires Caspida

Extends Security Analytics Leadership by Adding Behavioral Analytics to Better Detect Advanced and Insider Threats

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has acquired Caspida, Inc., a leading innovator in machine learning and behavioral analytics. Under the terms of the agreement, Splunk has acquired all of the outstanding stock of Caspida for an aggregate purchase price of approximately $190 million, including approximately $127 million in cash and $63 million in restricted Splunk securities.

The combination of Splunk® and Caspida™ technology revolutionizes the security market by unifying world-class breach response with breach detection. Recent high-profile breaches show virtually all attacks happen with compromised credentials, and automated detection leveraging machine learning is the future for detecting known and unknown threats from insider and external attackers. Splunk customers now have out-of-the-box user behavioral analytics to help detect, respond to and mitigate these threats. This combination of Splunk’s leading machine data platform with Caspida software provides the most comprehensive security analytics solution available today.

“Splunk built its reputation in security by enabling customers to more effectively respond to breaches. With this acquisition, our customers can now also better detect advanced threats – the breaches that are becoming more complex and severe with each passing day,” said Haiyan Song, senior vice president of security markets, Splunk. “With Caspida, Splunk accelerates its focus on solving advanced threats – both external and from insiders – by shining a light on those who are wrongfully using valid credentials to freely and unpredictably exploit systems they have accessed. By addressing the entire lifecycle of known and unknown advanced threats, and by providing a platform to detect, respond to, and automate actions, Splunk has further reinforced its position as the security nerve center.”

Attacks with trusted access are often not detected by existing security approaches. Whether gaining access through compromised accounts/systems or leveraging existing privileges to conduct malicious activities, attackers often do not need to deploy additional malware. These activities are dynamic and attackers will find ways to evade traditional security technologies. Even if detected, security analysts must find supporting evidence, often using a kill chain methodology to identify the progression of activities from intrusion to lateral movement to exfiltration. Caspida has innovated the use of data science and machine-learning algorithms to detect advanced threats and malicious insiders – presenting the most meaningful set of threats for SOC analysts and incident responders.

“We founded Caspida with a vision of applying data science to help solve the most pressing cybersecurity challenges – advanced threats and insider threats,” said Muddu Sudhakar, CEO, Caspida. “By analyzing machine data and using data science to detect meaningful anomalous behavior of users, devices and entities, Caspida has solved a problem that previously required significant manpower and expensive, do-it-yourself toolsets. We are very excited to join the Splunk family and deliver new detection capabilities to customers.”

Key capabilities of the combination of the Splunk and Caspida solutions include the ability to:

Detect Advanced, Hidden and Insider Threats Out-of-the-Box Using Data Science
– Continuous threat and anomaly detection that applies multi-domain analysis using machine learning.
– Uncovers hidden breaches and new attacks out-of-the-box without extensive customization.

Improve Threat Detection with Targeted Incident Response
– Provides threat activities relative to the kill chain with supporting evidence to enable targeted remediation.
– Detects multi-domain (user, device and traffic applications) anomalies and streamlines threat review and incident resolution.

Dramatically Increase SOC Efficiency
– Scores and highlights the most important threats and anomalies to minimize alert fatigue.
– Detects and provides insights on threats and suspicious activities to complement and extend threat intelligence.

Learn More: http://www.splunk.com/en_us/investor-relations/acquisitions/caspida.html

Operational Intelligence Plays Key Role in Managing Increasing IT Complexity

Quocirca Report Finds Top IT Concerns for European Businesses; Identifies Complacent Approach to Security

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced the results of new research in a report titled Masters of Machines II, from analyst firm Quocirca. Findings show that European organisations with the strongest Operational Intelligence capability are most likely to conquer the complexity of the fastest growing IT concerns. These concerns include security threats (up 25 per cent since 2013), data chaos (up 22 per cent) and poor customer experience (up 21 per cent), all of which contribute to an increasingly complex landscape for IT managers.

“A post-financial crisis easing of budgetary constraints means IT departments are refocusing on delivering value to the business, including delivering better customer experience as interaction becomes reliant on multiple channels,” said Bob Tarzey, analyst, Quocirca. “Supporting this cross-channel experience results in growing IT complexity and greater volumes of machine data, which, if unmanaged, increases data chaos. However, if this data is collected and analysed it can provide better insight through improved operational intelligence, enabling those with the capability to reap the benefits: better security awareness, higher system uptime and improved customer service levels.”

The report identifies three areas in which Operational Intelligence can help conquer complexity:

IT infrastructure complexity: The increasing use of cloud services adds to IT infrastructure complexity as systems are becoming more hybridised and organisations struggle to get equal insight into both on-premise and cloud-based infrastructure. As organisations move to more heterogeneous and complex IT platforms, they are turning to Operational Intelligence to provide the necessary management insight.

The cross-channel customer experience: With 68 per cent of organisations having a ‘high’ or ‘medium’ reliance on the cross channel experience, businesses have to deal with increased volumes of data from these channels including mobile apps, social media and sensor-based devices. Organisations that are reliant on the cross-channel experience are more likely to rely on Operational Intelligence to provide hard-to-gain insight into user behaviour.

Security: The biggest and fastest growing IT management concern in both 2013 and 2015 was security threats through compromise of IT systems. While Operational Intelligence helps conquer complexity, it also leads to greater concerns about IT security as those with insight into the threats they face are less complacent than those who lack such insight.

“Splunk customers gain real value in many areas of their business by harnessing machine data for real-time operational insights,” said Adam Bangle, vice president, EMEA, Splunk. “It is no surprise that organisations with the strongest operational intelligence capability are best equipped to deal with the complexities of the modern IT landscape.”

Splunk Enterprise Wins 2015 SC Award for Best Fraud Prevention Solution

SAN FRANCISCO – April 23, 2015 – Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced Splunk® Enterprise was selected as the Best Fraud Prevention Solution in the U.S. 2015 SC Awards. This is the fourth consecutive year that Splunk has been recognized by SC Magazine – with Splunk Enterprise winning awards in both the U.S. and Europe. Splunk Enterprise was chosen by a cross-section of SC Magazine readers that selected the finalists and winners in the Reader Trust Award categories. Learn more about Splunk Enterprise and the Splunk App for Enterprise Security on the Splunk website.

“The answer to fraud, theft, and abuse detection and prevention lies within machine-generated big data, which is why so many companies, universities and government agencies now rely on Splunk Enterprise and security solutions on-premises or in the cloud to discover and protect against malicious exploits by external and internal attackers,” said Haiyan Song, senior vice president of security markets, Splunk. “In close collaboration with our customers, we continue to innovate rapidly with the security and fraud solutions that give them the upper hand in protecting their organizations and their own customers. We are honored that SC Magazine’s readers have once again recognized Splunk as a security leader.”

“The Reader Trust Award is unique because it represents the voice of the people who are using these products and services every day,” said Illena Armstrong, vice president, editorial, SC Magazine. “Splunk Enterprise was chosen as the Best Fraud Prevention Solution winner for its ability to meet and exceed the needs of its customers.”

The SC Awards, now in its 18th year, is lauded as one of the most prestigious awards for IT security professionals and products. The awards recognize the best solutions, services and professionals that work around the clock to defend against the constantly shifting threat landscape in today’s marketplace. For more information and a detailed list of categories and winners, please visit www.scmagazineus.com/awards.

Splunk Announces International Availability of Splunk Cloud on Amazon Web Services

Customer Demand Drives Expansion to 10 AWS Regions

SAN FRANCISCO and AWS SUMMIT, LONDON – April 15, 2015 – Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced that Splunk Cloud™ is generally available (GA) internationally through nine Amazon Web Services’ (AWS) global regions and will be available soon in AWS GovCloud for U.S. government agencies, contractors and businesses. Splunk Cloud has gained significant traction as an enterprise-ready cloud service with a 100 percent uptime service level agreement (SLA). Splunk Cloud offers enterprise scalability of 10+ Terabytes per day. Experience the power of Splunk Cloud first-hand today through the free Splunk Online Sandbox.

“Splunk is a long term, innovative AWS Technology Partner and we are excited to see them extend their reach to new geographies,” said Terry Wise, vice president of worldwide partner ecosystem, Amazon Web Services, Inc. “By ‘going-global’ on AWS, Splunk is able to serve the needs of organizations worldwide, including those moving mission-critical production workloads to the cloud. We are excited to see Splunk’s global footprint increase as we launch more AWS regions around the world.”

“As organizations make a seminal shift to the cloud, we are pleased to extend Splunk Cloud internationally with AWS,” said Marc Olesen, senior vice president and general manager of cloud solutions, Splunk. “Organizations in countries around the world can now take advantage of centralized visibility across cloud, on-premises and hybrid environments with all the benefits of software-as-a-service (SaaS).”

International Customers Gain Operational Intelligence with Splunk Cloud

Customers in nine of AWS’ global regions will be able to gain significant value from Splunk Cloud across all Splunk use cases, including IT operations, application delivery, security, compliance and business analytics. Customers running Splunk Cloud include 1-800-FLOWERS.COM, Chicago Public Schools, Katana1, Lennar Corporation, MindTouch, Polycom, Republic Services Inc., Sophos, theScore and Washington Post.

“Splunk Cloud gives us the analytics we require to support our new Security Operations Center (SOC),” said Ross McKerchar, cybersecurity manager, Sophos. “My team relies on Splunk for real-time reporting, alerting and investigative capabilities to complement Sophos technology and help us protect the business, so we need a reliable solution we can count on 24/7. Splunk Cloud delivered from within the EU provides us the industry leading platform for operational intelligence and security delivered as a high-performance, enterprise-ready cloud service.”

“Splunk Cloud is the backbone of our advanced marketing analytics solution, OptimaHub, and helps us to deliver insights like new product opportunities to the C-suite,” said Nick Russell, co-founder and managing director, Katana1. “We chose Splunk Cloud to take advantage of the ease of management and cost efficiencies a SaaS model offers. Splunk Cloud was easy to get up and running, and it delivers all the same features, benefits and insights of Splunk Enterprise as a reliable, high-performance cloud service.”

“Splunk Cloud is used across Polycom from IT to our services and business centers and delivers invaluable insights with a strong return on investment,” said Garrett Zorigian, director, services strategy and design, Polycom. “Splunk Cloud, being a cloud service run on AWS, saves us upfront resource costs by managing the associated IT infrastructure and also enables us to reallocate our resources more efficiently across the company. For instance, our internal Splunk team spends no time working on administrative IT duties. Instead, they focus solely on delivering analytics services that directly improve the customer experience and Polycom’s workforce communications and collaboration solutions.”

Splunk Cloud includes access to all features of the award-winning Splunk Enterprise platform, including apps, APIs, alerting and role-based access controls. Key features and benefits of Splunk Cloud include:

Instant: Instant trials through an online sandbox and rapid conversion from proof-of-concept to production.
Secure: SOC2 Type 2 certification with dedicated environments for every customer.
Reliable: 100 percent uptime SLA and 10+ TB/day scalability.
Hybrid: Centralized visibility across Splunk Cloud (SaaS) and Splunk Enterprise (software) deployments.

Splunk Builds Strong Traction in Healthcare

Hundreds of Healthcare Institutions Around the World Rely on Splunk for Operational Intelligence

SAN FRANCISCO and HIMSS15 – April 13, 2015 – Leading healthcare institutions around the world are turning to Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, to protect patient data, ensure regulatory compliance and better serve their patients. More than 375 healthcare institutions including Baylor Healthcare System Foundation, Health and Social Care Information Centre (HSCIC), Duke Medicine, Hospital Corporation of America (HCA) and Middlesex Hospital are using Splunk software across a variety of use cases – including application delivery, security, compliance, IT operations, business analytics and the Internet of Things to gain insight from machine data.

Splunk Enterprise recently won Healthcare Informatics’ Leading Edge Award for its broad applicability across business and IT environments in the healthcare industry. Splunk has an ecosystem of apps to help healthcare providers further accelerate the value that they gain from machine data. An example is the partner-developed HIPAA Privacy and Security Scout for Splunk Enterprise available on Splunkbase. Splunk also has ONC-HIT certification as a module for Electronic Health Records audit reporting.

“The digitization of healthcare with electronic health records, healthcare information exchanges, patient portals and connected medical devices is driving massive growth in machine data,” said Tapan Bhatt, vice president of solutions marketing, Splunk. “Healthcare organizations choose to use Splunk software to help them comply with regulations such as HIPAA, to monitor performance and uptime for clinical applications and to gain insights into data from connected medical devices.”

HSCIC uses Splunk Enterprise to monitor performance, investigate issues and provide reporting to ensure services are running smoothly on the Spine, a collection of national applications that connects clinicians, patients and local service providers throughout England to essential national healthcare services. Other customers rely on Splunk software as a platform across multiple departments and teams.

“Splunk has quickly become an integral part of the big data platform at HCA,” said Shane Newman, senior Splunk engineer, HCA. “We have developed and implemented dozens of real-time solutions for IT infrastructure, enterprise security, patient privacy, medical devices and clinical applications – empowering executive leadership and key stakeholders to make timely data-driven decisions to improve healthcare service delivery.”

“Splunk has transformed auditing and compliance reporting of our electronic healthcare records by tying together data from several EHR systems under a single platform,” said Ant Lefebvre, senior systems engineer, Middlesex Hospital. “Using Splunk Enterprise, we can maintain the highest levels of patient privacy, while also supporting compliance, security, IT operations and healthcare informatics, delivering value to several teams at Middlesex Hospital.”

Learn what Splunk can do for your organization at HIMSS15 in the Knowledge and Intelligence Center (Booth 5484-11) as well as in the HIMSS15 Cybersecurity Command Center (Booth 8175-15). Splunk will be presenting at HIMSS15 on Tuesday, April 14, 10:45 – 11:15 a.m. in the Knowledge and Intelligence Center and on Wednesday, April 15, 3:15 – 3:45 p.m. in the Cybersecurity Command Center.

Splunk Announces Splunk Light for Small IT Environments

New Product Delivers Log Search and Analysis Starting at $US75 per Month

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced Splunk Light™, a new and more affordable way for individuals and small IT environments to get started with Splunk software. Splunk Light leverages powerful Splunk technology for log search and analysis and is designed to be downloaded, installed and configured in minutes. Pricing starts at $75 per month (billed annually). Purchase Splunk Light today or get started with the free version, and watch the Splunk Light video to see how it can help IT teams deliver immediate value to their organizations.

“Splunk was founded on the belief that every IT professional can benefit from the power of machine data. Splunk Light continues to deliver on that vision,” said Guido Schroeder, senior vice president of products, Splunk. “Splunk Light offers an affordable way for everyone to instantly gain visibility, insights and value from their machine data. Splunk Light simplifies the searching and monitoring of log files for IT managers and system administrators – helping them to keep the lights on, save time and quickly put out IT fires.”

“Splunk is aiming to fill a new niche with Splunk Light by providing smaller organizations a centralized way to do log search and analysis,” said Tim Grieser, program vice president, Enterprise System Management Software, IDC. “Creating an entry-level version of an established product is a difficult challenge. Splunk Light seems to have hit the mark with a product packaged and priced for the mid-tier market that is easy to install and provides ease-of-use features.”

Big Impact for Small Teams

Many organizations realized significant value from Splunk Light during the beta program.

“At Cure 4 The Kids Foundation, we are managing historical and real-time data related to curing and preventing all types of childhood diseases. In order to respond most efficiently to the needs of these children, it is critical we have deep visibility into all the data that impacts their healthcare,” said Jamey Felsing, director of IT, Cure 4 The Kids Foundation. “Until Splunk Light, critical data visibility came at a big cost — we can now set up dashboards and reports easily and quickly and at a price that fits our budget.”

“Splunk Light centralized several internal and external IT systems so we could monitor all of our log data from a single pane of glass for the first time ever,” said Steve Stringham, network services director, Keystone Enterprise. “With all our data in one place and such sudden deep visibility into it, we were able to precisely pinpoint and prioritize issues. Splunk Light will enable us to better service our external customers by troubleshooting and resolving issues more efficiently.”

“With its simple query capabilities, Splunk Light enabled us to quickly and easily analyze and run reports on 3 gigabytes of log file data per day and saved us many hours that were previously spent writing scripts to extract information from the log4 data,” said Mike Mosler, senior software engineer, Sequent Software. “Splunk Light is also super easy to install and configure. We were up and running in less than 20 minutes and loved the intuitive, easy-to-use interface that gave us deep visibility and led us directly to issues we needed to solve within our application.”

Splunk Light is an integrated solution that enables small IT teams to leverage the proven power of Splunk Search Processing Language (SPL™) to gather real-time log data from their distributed systems in one place so they can proactively resolve problems and spend less time fighting fires.

Splunk Wins Big Data and Cloud Awards

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that Emilio Umeoka has been named to the list of the 2015 CRN Channel Chiefs while the company is recognized by CRN as one of The 20 Coolest Cloud Software Vendors of 2015. In addition, Fast Company has ranked Splunk as one of the World’s Ten Most Innovative Companies in big data for the third straight year.

“We are excited to once again be named one of the Most Innovative Big Data Companies,” said Steve Sommer, chief marketing officer, Splunk. “We are amazed every day by the unique, innovative ways our customers continue to find to leverage Splunk software to generate valuable insights from their data.”

Each year, Fast Company ranks the Top 10 Most Innovative Companies in a variety of categories, including Big Data. The list recognizes those organizations that are pioneering the world of data analytics through positive and original use cases.

“It is an honor to be recognized as a Channel Chief, but this award speaks more about Splunk’s entire channel team and all of our partners,” said Emilio Umeoka, vice president Asia Pacific and worldwide partners, Splunk. “There is an incredible opportunity to gain insight from machine data and today’s organizations require a thriving partner ecosystem with significant domain expertise and services to do just that.”

The annual CRN Channel Chiefs list honors influential executives who are among the most powerful leaders in the IT channel and who hold direct responsibility for driving growth and revenue through channel partners. Winners are selected based on their track record of channel accomplishments, standing in the industry, dedication to the partner community and plans for driving future business innovation and channel growth.

Splunk Introduces Pricing for Enterprise-wide Deployments

New License Model Accelerates Adoption and Value of Splunk Enterprise Across the Organization

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that customers of any size can now purchase unlimited licenses of Splunk® Enterprise and benefit from fixed, predictable costs as they expand their use of Splunk software. By offering unlimited enterprise adoption agreements (EAAs), Splunk is providing customers with an additional, new licensing option that is independent of data volumes and use cases, providing pricing predictability as organizations drive broad-based adoption across all of their machine data use cases. Unlimited EAAs increase the value organizations can gain from Splunk software by collecting, analyzing and acting on machine data generated across a wide variety of use cases – without license limits on the amount of data they are ingesting.

“Our customer base is experiencing explosive data growth and needs Splunk to help them tap into the value of all of their machine data,” said Godfrey Sullivan, Chairman and CEO, Splunk. “Splunk has always embraced simple pricing to help fuel our customers’ success, and we have been focused on continually driving down the cost of collecting, indexing and analyzing data in Splunk software. This new licensing model further removes barriers and encourages organizations to gain insights from all of their machine-generated big data by standardizing on Splunk Enterprise.”

An unlimited EAA enables organizations to deliver the most value from their machine data by utilizing Splunk Enterprise as a platform for machine data for the entire business and across diverse, high-value use cases such as IT operations, application delivery, security, business analytics and the Internet of Things. The unlimited EAAs also include support, education and professional services to help customers realize the maximum value from their Splunk investment. The unlimited EAA is Splunk’s latest move to make it easier for organizations to take advantage of their machine data. Last year, Splunk doubled license capacity at entry levels of Splunk Enterprise and also reduced the cost of Splunk Cloud by 33 percent.

Splunk Enterprise Voted Best Business Application

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that Splunk® Enterprise has been named Best Business Application at the fifth annual V3 Technology Awards. The awards recognize the best products, vendors and individuals in the U.K. technology industry. Splunk Enterprise was shortlisted in the Best Business Application category by the V3 editorial team and the winners were decided based on votes from V3 readers.

“This win means a great deal to us because it is decided by the readers – the people who understand how use of our technology enables new insights that drive the business,” said Matt Davies, senior director, EMEA marketing, Splunk. “Splunk Enterprise enables organizations to improve service levels, reduce operations costs, mitigate security risks, enhance DevOps collaboration, create new product and service offerings and obtain deeper insight into customer behavior. Being named Best Business Application underlines the value Operational Intelligence delivers to our customers.”

“Splunk was up against tough competition in the Best Business Application category at this year’s awards, against firms such as Oracle and Salesforce.com,” said Madeline Bennett, editor, V3. “The fact that Splunk Enterprise received the award is testament to the firm’s caliber in the data analysis space. And as the awards are voted for by the V3 readership, it shows that Splunk customers and IT professionals highly rate the firm’s products.”

V3.co.uk provides an online audience of over 500,000 technology professionals with up-to-the-minute news, reviews and analysis written by a team of expert IT journalists in the U.K. and Silicon Valley. V3.co.uk is published in the U.K. by Incisive Media, the trading name of Incisive Financial Publishing.