News

Detect, Investigate and Act on All Threats Faster with Splunk Security Solutions

Splunk Ecosystem Puts the Operations Back in the Security Operations Center

SAN FRANCISCO AND .conf18, ORLANDO – October 2, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from any data, today announced new innovations across its security portfolio that will help make it easier and faster for security teams to detect, investigate and act on cyber threats to protect their organizations. Powered by new features such as security automation, orchestration and response (SOAR), the Use Case Library and Event Sequencing, Splunk® Security solutions help organizations take a more holistic approach to security operations from detection to automated machine-speed response.

“As security threats increase in both velocity and complexity, our customers have a more urgent need to take action on their data so they can respond to vulnerabilities at machine speed,” said Haiyan Song, senior vice president and general manager of security markets, Splunk. “The next generation of Splunk’s security portfolio provides a security operations platform, making Splunk’s vision of a security nerve center a reality. The combination of Splunk ES, Splunk UBA and Splunk Phantom enables our customers to protect their organizations more effectively than ever before.”

The global economy continues to rapidly digitize, creating oceans of security-relevant data and ever-growing digital footprints. In parallel, a rising volume of cyber criminals executing increasingly sophisticated, automated attacks are challenging Security Operation Centers (SOCs) to keep up with the new attack surface, which lives on premise and in the cloud. Splunk Security solutions allow customers to see the entire threat versus an individual incident.

The Combined Power of Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA) and Splunk Phantom

Splunk’s expanded suite of security solutions announced at .conf18 helps security analysts monitor, visualize, detect, investigate and act on internal and external threats via Splunk’s industry-leading security information and event management (SIEM) platform. Following Splunk’s acquisition of Phantom earlier this year, customers can now also take action on their data via Phantom’s security SOAR technology.

Splunk unveiled a range of new features to its flagship SIEM platform, including new event sequencing, which groups correlation searches and risk modifiers to optimize threat detection and accelerate investigations, and a new Use Case Library, which gives Splunk ES customers ready-to-use, research-driven and actionable security content that is relevant to their security operations. The Splunk ES Use Case Library gives customers an automatic way to discover new use cases, such as adversary tactics, cloud security, abuse or ransomware, to determine how to take action on threats within their own environment.

“Insider threats and external cyberattacks continue to have a costly impact on businesses and consumers alike. To build resiliency, organizations are recognizing that they need an analytics-driven security platform that merges security information and event management (SIEM) and user behavior analytics (UBA) functionality,” said Robert Boyce, managing director, Accenture Security. “Organizations are continuing to digitize rapidly, and clients need to look at threats across their value chain, so they can focus on the right threats, at the right time. Accenture is helping our clients improve cyber resilience by providing deep industry-specific solutions that use Splunk’s Use Case Library in Splunk ES and advanced anomaly scoring in Splunk UBA.”

“If you want to stay secure from today’s cyber threats, data analytics must be at the heart of your security strategy,” said Steve McMaster, director, managed security services, Hurricane Labs. “New Splunk ES features such as Event Sequencing and Use Case Library will provide immediate value in our SOC, helping to find and remediate threats faster. We look forward to expanding our use of Splunk and working with our customers as they continue to embrace an analytics-driven approach to security.”

Splunk Phantom’s SOAR technology helps customers work smarter and respond faster, aiding SOCs to orchestrate tasks and automate complex workflows. With Splunk Phantom 4.0, customers gain access to a wide range of new features including clustering support, which helps customers scale their operations; a new indicator view, which gives analysts a threat-intelligence-centered way to perform investigations; and improved onboarding, which enables customers to take action with Splunk Phantom within minutes of deployment.

“Data is digital gold for every security team, but if you really want to lead with an analytics-driven approach to security, it’s essential that you can take action on the data you are ingesting,” said Sebastian Goodwin, senior director of cybersecurity, Nutanix. “Splunk Phantom has been a critical component of our SOC, enabling us to automate and orchestrate a response to security threats when we need to. New additions to Splunk Phantom, such as clustering support, will help us continue to scale our SOC and respond to threats – an absolute must as cyber criminals continue to get smarter and faster.”

Nearly half of all security breaches identify malicious insiders or criminal attacks as the root cause for data breaches. Splunk UBA 4.2 further extends the power of Splunk ES, helping analysts leverage machine learning to find internal and external threats and anomalous user behavior. New features in Splunk UBA 4.2 include user feedback learning, which enhances Splunk UBA anomaly model scoring to improve severity and confidence in threat detection; improved data ingestion performance by up to 2x, which strengthens data quality; and new single-sign-on authentication support, which helps SOC teams maintain compliant access controls across their security nerve center.

Splunk Adaptive Operations Framework

Splunk also announced the launch of the Splunk Adaptive Operations Framework (AOF). An evolution of the Splunk Adaptive Response Initiative, enhanced with the flexible API-driven framework from Splunk Phantom, Splunk AOF is the industry’s largest community of innovative security vendors, committed to improving cyber defense and security operations. With Splunk AOF, organizations can leverage Splunk in tandem with over 240 security technologies to ingest structured or unstructured data from any source, drive coordinated decisions supported by analytics and take action across a comprehensive range of technologies in the SOC.

Splunk ES 5.2 and Splunk UBA 4.2 will be generally available on October 16, 2018, while Splunk Phantom is available for free download today. For more information on Splunk security solutions, visit the Splunk website.

Splunk Powers Predictive IT for a Dynamic and Evolving World

New Version of Splunk ITSI Enables Unified View of Critical IT and Business Services and Enhanced Automation Capability through AIOps

SAN FRANCISCO AND .conf18, ORLANDO – October 2, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced a new version of Splunk® IT Service Intelligence (ITSI) that can help IT teams better predict and prevent problems. Splunk ITSI is a machine learning-powered monitoring and analytics solution that gives IT teams a way to quickly and easily detect emerging problems and simplify or automate incident investigation and workflows across all data sources. The new version of Splunk ITSI, which is now generally available, improves predictive analytics through a series of new capabilities.

“IT environments are complex and dynamic, and IT teams are constantly under pressure to make sense of their data and take action,” said Rick Fitz, senior vice president and general manager of IT markets, Splunk. “The ability to use machine learning and artificial intelligence to predict service degradation and prevent issues allows these teams to focus on driving value for the business. We make smart IT teams smarter with a platform that brings together all the data to provide complete visibility.”

“TransUnion uses Splunk Enterprise, the free Splunk Machine Learning Toolkit, and now Splunk ITSI to reinforce system uptime, which helps us complete more customer transactions. High performance means keeping our customers satisfied while maximizing revenue,” said Steve Koelpin, lead Splunk engineer, TransUnion. “Splunk’s machine learning capabilities enable us to forecast, predict and specifically improve our transaction performance in real time.”

Artificial Intelligence (AI) Enables Predictive Analytics and a Unified View of Critical IT and Business Services

Built on the Splunk platform, Splunk ITSI 4.0 provides a solution for AIOps and helps customers go from reactive to predictive IT. This eases the frustration and lost productivity that IT teams encounter when issues and service degradation occur so that they can focus on innovation. Splunk ITSI’s latest monitoring and analytics features and integrations enable IT teams and leaders to better manage their IT environments to maximize organizational performance.

– KPI Predictions provide deeper insights into a potential health degradation. Utilize the breadth of data in the platform to help predict KPIs like customer experience, application workload and infrastructure health, in order to identify issues or outages in advance.

– Predictive Cause Analysis helps customers drill down into the specific services underlying a predicted issue to proactively remediate and resolve it before customer experience is impacted.

– Robust Integration with VictorOps, which Splunk recently acquired, streamlines the monitoring, detection, alerting, and response process so that the right people can be engaged with timely information to collaboratively resolve an issue.

“With Splunk ITSI, our networking teams no longer need to constantly watch a dashboard all day long because the predictive analytics give them enough time to identify and engage operational resources to resolve IT issues before they occur,” said Chris Crocco, Lead Solutions Engineer, Viasat. “The team now has more resources and time to focus on other initiatives in a way that they haven’t been able to do before.”

Integration with Splunk App for Infrastructure Brings IT Monitoring Across Entire Organization

With Splunk ITSI 4.0, customers are now able to use Splunk App for Infrastructure with an easy interface from Splunk ITSI. This gives customers access to a full-scale monitoring platform that can correlate their server data across the entire organization. Splunk App for Infrastructure gives system administrators and site reliability engineers a unified approach to monitoring and troubleshooting. Customers can now also access Splunk App for Infrastructure data directly from Splunk ITSI to get more detail at the server level. You can download the Splunk App for Infrastructure on Splunkbase.

For more information on Splunk IT solutions, visit the Splunk website.

Splunk Disrupts IT Infrastructure Monitoring With New Inexpensive Product to Keep Businesses Running

Splunk Insights for Infrastructure Unifies Metrics and Logs to Monitor IT Performance at Low Cost and Free for Small Environments up to Approximately 50 Servers

SAN FRANCISCO – May 1, 2018 – Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced the general availability of Splunk® Insights for Infrastructure. The new product answers the call for a low-cost way to easily enable systems administrators and DevOps teams to automatically correlate metrics and logs to monitor IT. Splunk Insights for Infrastructure takes minutes to get up and running and is free for small environments up to approximately 50 servers (200GB in total storage). Additional storage capacity can be purchased incrementally, starting at only $3,750 per year.

“Splunk Insights for Infrastructure provides a simple and effective entry point for teams that are just beginning to unlock the power of Splunk Enterprise,” said Todd Kulick, vice president of technology, TiVo. “Splunk Insights for Infrastructure provides a clear and powerful way to view our entire infrastructure or to ‘zoom into’ views of a single machine or small portion of our service, so we can find and fix problems before they affect customers.”

“Splunk is credited with inventing log monitoring, and Splunk Insights for Infrastructure reinvents the entire market by making it faster, easier and more affordable than ever for systems administrators and site reliability engineers to identify and correct infrastructure problems,” said Rick Fitz, senior vice president and general manager, IT Markets, Splunk. “Splunk Insights for Infrastructure redefines what customers should expect from monitoring and enables them to provide their customers with a positive digital experience while keeping their budgets to a minimum.”

Reduces Complexity in IT Monitoring

In many cases, the underlying infrastructure makes it difficult for IT Operations and DevOps teams to quickly and easily identify and correct problems. By automatically correlating metrics and logs in one product, Splunk Insights for Infrastructure provides immediate visibility into system performance, enabling customers to quickly detect problems and identify trends.

“Splunk Insights for Infrastructure cleverly combines metrics and logging for a more complete view of infrastructure performance,” said Daryl Robbins, senior cloud architect, Entrust Datacard. “We can use this product to see unusual behavior such as a CPU spike and correlate it with logs to troubleshoot problems much more quickly.”

Easy to Download and Buy – Accessible and Inexpensive Route to Splunk Enterprise

As part of the Splunk Insights product series, which is designed to address use cases with a customized experience that makes it easy for customers to start quickly and affordably, Splunk Insights for Infrastructure bases pricing on storage and includes a free tier (up to 200GB of storage) sufficient for many small teams. As needs grow, all Splunk Insights provide an upgrade path to Splunk Enterprise to leverage machine data and artificial intelligence for multiple use cases.

New customers have the flexibility to download Splunk Insights for Infrastructure directly from Splunk or through authorized Splunk Partner+ partners.

“Splunk Insights for Infrastructure offers partners an excellent opportunity to engage with prospects in a positive first experience,” said Matt Rochford, vice president, technology & alliances, Arrow ECS, North America. “It also permits the customer to expand their use cases as their data driven strategy matures.”

“Splunk Insights for Infrastructure gives us a compelling, easy-to-implement offering that allows our prospects to get up and running with infrastructure monitoring quickly while setting the stage for us to solve additional digital transformation problems,” said Judd Robins, executive vice president, sales, TekStream. “This is a business approach that creates a win-win-win for our prospects, our business, and Splunk by reducing the complexity of deployment and bringing value in a very short period of time.”

Splunk Customers Accelerate Business Value Through Artificial Intelligence

New Versions of Splunk Enterprise, Splunk Cloud, Splunk ITSI, Splunk UBA and Splunk Machine Learning Toolkit Now Available

SAN FRANCISCO – April 24, 2018 – Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced new and expanded artificial intelligence (AI) capabilities across its product portfolio. With the power of AI, Splunk customers can use Splunk solutions to help boost their profitability, performance and security. Splunk also expanded integration capabilities with open source software and cloud-native technologies as part of its ongoing commitment to provide a true, open machine data platform for customers. To learn more and experience Splunk® Enterprise and Splunk Cloud™, visit the Splunk website.

“Organizations frequently consume high amounts of staff time and resources to monitor, analyze and respond to IT operational alerts. Splunk’s new AI enhancements, including the ability to correlate metrics and activity data, enable customers to get answers from their machine data more efficiently,” said Tim Tully, chief technology officer, Splunk. “Our latest wave of innovation is intended to arm customers with the tools needed to translate AI into actionable intelligence. While AI and machine learning often seem like unattainable and expensive pipe dreams, Splunk Cloud and Splunk Enterprise now make it easier and more affordable to monitor, analyze and visualize machine data in real time.”

Splunk Platform Helps Accelerate Customers’ Digital Transformation Through AI and an Expansive and Open Ecosystem

Splunk Cloud and Splunk Enterprise 7.1 deliver AI through machine learning to help customers monitor, search and alert on the critical information organizations need to accelerate their business. These latest releases include an updated metrics engine to power customers’ ability to monitor and alert on numeric data points – from CPU speeds and available hard disk space in a complex IT environment, to temperature readings in Internet of Things (IoT) devices and sensors. The latest versions are also the only enterprise-class data analytics solutions that can ingest petabytes of data per day, as well as search, monitor and alert on that data in real time. With these enhancements, users are better positioned to make sense of their machine data to predict future IT, security and business outcomes.

Splunk Cloud offers customers maximum control and real-time access to their data. This Splunk Cloud release features Dynamic Data: Self-Storage, arming customers with the flexibility to move data from Splunk to their own Amazon S3 storage environment.

“At T-Mobile we’re all about putting customers first, and with Splunk Enterprise we can ensure our customers get the best experience possible when they’re activating a phone, making a call or paying a bill,” said Jonathan Silberlicht, senior director, network service management, T-Mobile. “For example, with the new Splunk Connect for Kafka, we are expanding our real-time analytics capabilities, in turn empowering our front line to make better informed decisions when serving customers. We plan to continue to rely on Splunk Enterprise, Splunk IT Service Intelligence and Splunk Machine Learning to help us scale at Un-carrier speed.”

To expand its open technology ecosystem, Splunk introduced new data integrations with open source software projects and cloud-native technologies including:

– Splunk Connect for Kafka integrates the Splunk platform with Apache Kafka, a highly scalable and reliable method for handling real-time streaming data.

– Splunk Connect for Kubernetes and Splunk Connect for Docker unify the Splunk platform with the leading solutions for automating deployment, scaling and management of containerized applications.

“Splunk Connect for Kafka will improve our investigation of web activity, performance and security use cases,” said John Swanson, security incident response manager, GitHub. “We’re now able to ingest large, near-real-time data streams and are consuming terabytes of logs from our Kafka cluster into Splunk Enterprise every day.”

Splunk Machine Learning Toolkit Adds Experiment Management Interface and New Algorithms for Pattern Prediction

Splunk is also announcing a new Experiment Management Interface for its Machine Learning Toolkit (MLTK). This interface makes it easier to view, control, evaluate and monitor the status of machine learning experiments. The latest Splunk MLTK also includes new algorithms for identifying patterns and determining the best predictors for training machine learning models.

“Hyatt uses machine learning in Splunk Enterprise to predict when and where we should act fast or plan differently to best serve our customers,” said Cesar Mendoza, application development manager, strategic systems and innovation, Hyatt. “We used the free Splunk Machine Learning Toolkit to benchmark typical Wi-Fi usage from customers across hotel sites, and used that baseline to spot low traffic. We immediately contacted our wireless service provider to correct connection issues before our customers had to call us. We’re using artificial intelligence through Splunk to more proactively serve our customers in this way every day.”

Splunk IT Service Intelligence (ITSI) Predicts Outages and Service Health and Splunk User Behavior Analytics (UBA) Accelerates Threat Identification via Machine Learning

In the latest release of monitoring and analytics solution Splunk ITSI, customers can leverage AI to help predict imminent outages and how their service health could be impacted by these outages before they occur, reducing the risk of negative impact to end-customer experience and revenue. Splunk ITSI also applies machine learning to help reduce event noise and automatically identify the events that are most business critical, so that customers can resolve those first. Similarly, the Splunk UBA updates include new machine learning models and enhancements to existing models to help customers identify and address time-sensitive security problems and insider threats more quickly.

Prescriptive Solutions Help Customers Solve Unique Challenges

New solutions focused on the IoT and other use cases are helping Splunk customers solve defined challenges. Splunk recently announced the limited availability release of Splunk Industrial Asset Intelligence, which helps manufacturers monitor and analyze industrial IoT data in real time.

Continuing this prescriptive approach, the Splunk Essentials series are free, easy-to-install applications that show users exactly how to use Splunk Enterprise and Splunk Cloud to address mission critical use cases. Splunk Security Essentials covers use cases such as brute force detection, malware and General Data Protection Regulation (GDPR) compliance while Splunk Security Essentials for Fraud Detection covers use cases such as healthcare insurance billing and wire transfer fraud. Both applications and forthcoming Splunk Essentials are available for free at https://splunkbase.splunk.com/.

Splunk Brings Industrial IoT Data to Life with Splunk Industrial Asset Intelligence

Transform Industrial Operations with Real-Time Monitoring and Predictive Analytics

SAN FRANCISCO – April 10, 2018 – Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced the limited availability of Splunk Industrial Asset Intelligence (IAI), its first Internet of Things (IoT) solution. Splunk® IAI helps organizations in manufacturing, oil and gas, transportation, energy and utilities monitor and analyze industrial IoT data in real time to create a simple view of complex industrial systems while helping to minimize asset downtime.

Around the world, manufacturers are increasingly looking to their IoT data to better monitor and diagnose operational issues and predict maintenance needs. In fact, by 2025, more than a quarter of data created in the global datasphere will be real time in nature, and real-time IoT data will make up more than 95% of this. 1

With this rapid increase in IoT data, industrial engineers and analysts are often overwhelmed with the sheer volume of machine data that is generated today by disparate industrial control systems and sensors. Splunk IAI offers a packaged set of capabilities that helps customers pivot their operational strategy from reactive to proactive.

“Real-time analytics is an absolute must for manufacturers today, but organizations are struggling to bridge the gap between legacy systems, industrial assets and sensor data,” said Ammar Maraqa, senior vice president, business operations and strategy and general manager of IoT Markets, Splunk. “Splunk IAI provides a single solution that helps ensure industrial systems are running at full capacity, enabling organizations to significantly save resources and money on unplanned downtime.”

“For years, Splunk has provided their customers with valuable answers from their IT and security machine data. Now, the massive growth of IoT data has the industrial world demanding a solution that can help them proactively take action on their data as well,” said Dr. Ulrich Bock, director, rail and industry consulting, ESE GmbH. “As a Splunk partner, we look forward to helping our customers turn IoT data into answers to further fuel their business.”

Built on top of Splunk® Enterprise, Splunk IAI enables capture and correlation of data from Industrial Control Systems (ICS), sensors, SCADA systems and applications, making it easy to monitor and diagnose equipment and operational issues in real time. This data-driven approach to industrial operations enables customers to respond to issues faster without affecting production, where unplanned downtime can equate to millions of dollars in lost revenue.

1 IDC White Paper, sponsored by Seagate, Data Age 2025, April 2017

“Working with Splunk Industrial Asset Intelligence has helped us significantly reduce the time spent on troubleshooting equipment issues,” said Ricardo Bicudo, vessel performance manager, Sapura Navegacao Maritima. “This is a key factor for our company strengthening our safety and operational standards.”

“The packaged set of capabilities provided by Splunk Industrial Asset Intelligence easily integrates with our existing Splunk platform,” said Erika Swartz, senior process engineer, fibers division, Shaw Industries. “Access to real-time and predictive insights is critical for identifying and diagnosing issues, as well as improving performance of our manufacturing processes.”

A limited availability release of Splunk IAI will be introduced on April 23, 2018 at leading industrial conference Hannover Messe, with general availability for all Splunk customers this fall. To sign up for the limited availability release of Splunk Industrial Asset Intelligence, visit the Splunk website.

Splunk Closes Acquisition of Phantom

Acquisition of Security Orchestration, Automation and Response Leader Propels Analytics-Driven Security and IT

SAN FRANCISCO – April 9, 2018 – Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced that it has closed the acquisition of Phantom Cyber Corporation, a leader in Security Orchestration, Automation and Response (SOAR). Phantom’s SOAR platform helps organizations improve the efficiency of their Security Operations Center (SOC) by automating tasks, orchestrating workflows, improving collaboration and enabling incident response at machine speed. For more information, visit the Phantom website to register and download Phantom Community edition for free.

The aggregate purchase price for the transaction was approximately $350 million, excluding working capital and other adjustments, paid in cash and restricted common stock.

“Today marks an exciting new era for Splunk and Phantom customers, partners and employees,” said Doug Merritt, President and CEO, Splunk. “The combination of Splunk’s machine data platform with Phantom’s SOAR technology will accelerate a new age of analytics-driven security and expand Splunk’s vision as the security nerve center for SOCs around the world.”

Automation and orchestration are integral parts of security customers’ SOC strategies to accelerate incident response while addressing the security skills shortage. Phantom’s SOAR platform offers automation capabilities that will also assist IT teams in solving challenges in a widening range of use cases, including Artificial Intelligence for IT Operations (AIOps).

For more information about Splunk and Phantom, visit the Splunk website.

Safe Harbor Statement

This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding the expected benefits of the acquisition of Phantom, the impact of the acquisition on Splunk’s products and services, the capabilities of Phantom’s products and services and the expected benefits of the combined offerings. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release, including: difficulties encountered in integrating the business, technologies, personnel and operations; costs related to the acquisition and integration; market acceptance of the acquisition and resulting products and services; Splunk’s inability to realize value from its significant investments in its business, including product and service innovations; and general market, political, economic and business conditions.

Additional information on potential factors that could affect Splunk’s financial results is included in the company’s Annual Report on Form 10-K for the fiscal year ended January 31, 2018, which is on file with the U.S. Securities and Exchange Commission. Splunk does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

Splunk Named in the Leaders Category of the IDC MarketScape Asia/Pacific Big Data and Analytics Platform 2017 Vendor Analysis Report

Splunk Recognized for Critical Technology Capabilities and Customer Value in Big Data Analytics Market

SAN FRANCISCO and HONG KONG – March 6, 2018 – Splunk Inc. (NASDAQ: SPLK), first in delivering “aha” moments from machine data, today announced it has been named in the “Leaders” category of the IDC MarketScape: Asia Pacific Big Data and Analytics Platform 2017 Vendor Analysis report*. Within the IDC MarketScape methodology, a host of key criteria was considered, including Splunk’s strategy, offerings (including Splunk® Enterprise and Splunk Cloud™), user experience and vision in artificial intelligence and machine learning. Download an excerpt of the IDC MarketScape: Asia Pacific Big Data and Analytics Platform 2017 Vendor Analysis report on the Splunk website.

“Splunk has established its position within the market as an essential partner for businesses performing analysis related to the performance and robustness of the security within the organization,” said Kar Leong Tew, research manager, IDC. “Building on this foundation, Splunk is leveraging its expertise and experience at integrating and handling data from multiple data sources of different granularity and importance, such as API pulls, logs and metrics at providing analytical capabilities to their customers. Splunk helps customers take action based on their analysis of the data, taking into consideration its relative importance within their organization.”

“We are honored to be named by the IDC MarketScape as a leader in Asia Pacific big data analytics platforms,” said Chern-Yue Boey, vice president of APAC, Splunk. “Splunk customers recognize the business value of machine data, and they are using the Splunk platform to turn data into answers in use cases spanning IT operations, security, business analytics and Internet of Things.”

The Splunk platform is available on-premises, as a cloud service or as a hybrid solution. To accelerate time-to-value, many Splunk customers leverage Splunk Enterprise Security (ES), Splunk IT Service Intelligence (ITSI) and Splunk User Behavior Analytics (UBA). These premium solutions are purpose-built offerings that provide comprehensive, end-to-end experiences for specific personas and use cases. Artificial intelligence and machine learning are used to enhance the monitoring, detection and prediction of critical IT, security and business events. Splunk ITSI and Splunk UBA utilize unsupervised machine learning, which delivers value to any user, but Splunk also helps operationalize machine learning by enabling custom analytics and a more hands-on experience through the Splunk Machine Learning Toolkit. This toolkit is available for free to any Splunk Enterprise or Splunk Cloud customers, and it allows users to easily create, deploy and manage machine learning models.

Reflecting the company’s growing momentum, Splunk received additional industry recognition by winning the NetworkWorld Asia Readers’ Choice Product Excellence Awards 2017 in the Big Data and Business Analytics category for the third consecutive year. The awards recognize technology providers in Asia Pacific that have contributed to the innovative application of technology by end-user enterprises as they seek to help customers with their digital transformation.

Splunk and New Relic Power Digital Business Success

New Integration Unifies Machine Data Analytics and Performance Monitoring to Power Digital Transformation and Business

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, and New Relic Inc., the digital intelligence leader, today announced a strategic alliance and a new integration to help enterprises improve customer experiences and drive revenues. The Splunk App for New Relic, available today as a preview release on Splunkbase, gives developers and IT operations teams a comprehensive view into both application performance and infrastructure health with seamless sharing of data across both Splunk® and New Relic platforms.

The Splunk Platform collects, analyses and visualises machine data from all levels of the IT stack, including applications, infrastructure and wire data on the network so organisations can make business critical decisions tied to troubleshooting, reliability and planning. New Relic’s Digital Intelligence platform collects and traces data from agents inside application code and infrastructure so organisations can make decisions on customer experience, application dependencies and code performance. Both solutions support cloud, hybrid and on-premises data center architectures.

Unifying machine data analytics with application tracing and performance metrics enables IT and business stakeholders to experience a faster time-to-value through visualising data across both platforms. The Splunk App for New Relic integration enables developers and IT operations teams to quickly identify issues, reduce mean-time-to-resolution (MTTR) and proactively improve customer experiences. The result is improved revenues and expanded resources for engineering teams to drive a faster pace of innovation for their end users.

“Machine data is the fuel for digital transformation and those organisations capitalising on the opportunity are leading the way in IT by monitoring and troubleshooting application performance, often with both Splunk and New Relic,” said Rick Fitz, senior vice president of IT Markets, Splunk. “The partnership enables our joint customers to gain value faster, whether their applications run on-premises or on the cloud. The integration breaks down silos within IT teams to be able to fully leverage both data and workflow insights across the platforms to gain deeper insights with fewer steps.”

“New Relic’s agent data provides visibility into the dependencies across customer experience to application code to infrastructure. When combined with machine data from Splunk, our joint customers will be able to troubleshoot and innovate faster,” said Jim Gochee, chief product officer, New Relic. “We have heard from many customers that they want to standardise the tools and streamline the processes they use to run digital businesses, and today we’re making it possible with an all-in-one integration between two market-leading platforms.”

Melillo Consulting, an experienced technology solutions integrator, works with Splunk and New Relic customers. “Organisations embracing digital business strategies require unified data analysis across all levels of their IT stack, including applications and infrastructure, to ensure they can make informed, business-critical decisions,” said Dan Sytsma, vice president and general manager, Melillo Consulting. “One of the most frequent requests we receive from our customers stems from the desire to seamlessly integrate data across both Splunk and New Relic platforms. The Splunk App for New Relic gives our customers detailed application performance insight to complement machine data analytics insight across the technology stack, without the manual integrations previously required.”

To download the Splunk App for New Relic, click here.

Splunk Recognised as a Leader in Security Analytics by Independent Research Firm

Splunk Enterprise Security Receives Highest Possible Score for Real-Time Monitoring, Scalability and Detection Technologies

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced its position as a Leader in The Forrester Wave™: Security Analytics Platforms, Q1 2017 report. The report evaluates the most significant security analytics (SA) providers based on current offering, strategy and market presence. To view the complete report, visit the Splunk website.

According to the report, “Enterprises widely deploy Splunk as a log management and search tool for infrastructure and operations use cases in addition to security use cases … Enterprises with advanced security teams and complex logging requirements should consider Splunk.” The report also states, “Security analytics platforms give [security and risk] pros the ability to detect, investigate, and respond to cyber security threats. Speeding detection and hastening the investigation process enables faster response, lessening the impact of cyber attacks.”

For this report, Forrester evaluated Splunk Enterprise 6.5 and Splunk Enterprise Security (ES) 4.5. As a leader, Splunk received a 5.0 out of 5.0 in 17 criteria, including real-time monitoring, infrastructure, log management, scalability, and dashboard and reporting.

“Splunk introduced security analytics to the market several years ago directly in response to customer feedback and market dynamics, which have increasingly been centred on making data actionable. We’re proud to help customers around the world make sense of their data and embrace an analytics-driven approach to security,” said Haiyan Song, senior vice president of Security Markets, Splunk. “As organisations seek out solutions to help them detect, respond and hunt for threats faster than ever, many organisations have chosen Splunk to act as their nerve centre for security operations. We believe that Forrester has recognised the value Splunk brings to our customers. In our view, this report further validates how imperative it is to have analytics-powered technologies like Splunk at the heart of the Security Operations Center.”

Splunk customers use a platform-oriented approach to gain a wide range of analytics capabilities through Splunk Enterprise, Splunk ES, the machine learning toolkit and Splunk User Behavior Analytics (UBA). This provides users with insight into machine-generated data, including network, endpoint, access, anti-malware, vulnerability and identity information. Ultimately, this gives users the necessary analytics, flexibility and customization in their SOCs to manage and hunt security threats in real-time.

In Forrester’s 36-criteria evaluation of security analytics vendors, the research firm identified what they deem the 11 most significant providers in the category and researched, analysed and scored them. The Forrester Wave: Security Analytics Platforms report assesses the state of the security analytics market, and details findings about how well each vendor fulfils the criteria and where each fits in relation to each other.

To learn more about analytics-driven security and Splunk ES, download the report at the Splunk website.

Forrester Research, Inc., The Forrester Wave™: Security Analytics, by Joseph Blankenship with Stephanie Balaouras, Bill Barringham and Peter Harrison; March 6, 2017

Splunk Takes Home Excellence Award for Best Enterprise Security Solution at SC Awards 2017

Splunk Earns Recognition from SC Magazine for Sixth Consecutive Year

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, announced today that Splunk® Enterprise Security (Splunk ES) won the Excellence Award for Best Enterprise Security Solution at the SC Awards 2017.

“We are honored that Splunk ES earned this prestigious recognition as the Best Enterprise Security Solution by SC Media. The award is further testament that organisations around the world are hungry for analytics-driven security solutions that can detect and respond to threats while enabling real-time decision-making across security operations,” said Haiyan Song, senior vice president of security markets, Splunk. “As advanced cyber adversaries find new avenues to penetrate valuable data, it’s crucial that businesses can visualise and respond to threats faster than ever – which is why so many organisations rely on Splunk to help protect their data.”

Winners in the Excellence Award category of the SC Awards were selected by a panel of IT security experts from both the private and public sector. During the judging process, each finalist went through a rigorous evaluation that included in-depth analysis, analyst reports and/or product reviews. After a thorough and comprehensive analysis of each finalist’s strengths, Splunk’s Enterprise Security Solution was chosen as the winner of an Excellence Award in the Best Enterprise Security Solution category.

Splunk customers use ES as their security nerve centre, combining Splunk’s core security information and event management (SIEM) functionality with Splunk User Behavior Analytics (UBA). With Splunk ES, security analysts get insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information, which arms teams with deep investigative and rapid response capabilities. This combined platform provides security analysts with a comprehensive solution that sits at the heart of the Security Operations Center (SOC) to improve threat detection and reduce time to resolution.

“Winning an Excellence Award represents hours, weeks and months of hard work, problem solving and dedication,” said Illena Armstrong, VP, editorial, SC Media. “We are proud to recognise Splunk for its outstanding contribution to the IT security landscape.”

Splunk ES was also an SC Awards Finalist for Best SIEM and Splunk UBA was a Finalist for Best Behavior Analytics/Enterprise Threat Detection. This caps a year of strong industry recognition for Splunk, with Splunk ES being named a leader in the 2016 Gartner Magic Quadrant for Security Information and Event Management (SIEM) for the fourth consecutive year.

The SC Awards are recognised throughout the cyber security industry and are a crowning achievement for IT security professionals and products. Each year, hundreds of applications are reviewed and narrowed down to a select group of finalists that represent the best solutions, services and professionals working around the clock to protect today’s businesses from an ever-changing landscape of security threats. For more information and a detailed list of categories, finalists and winners, please visit http://www.scmagazine.com/awards.