Splunk Named a Leader for the Sixth Consecutive Year in Gartner’s 2018 Magic Quadrant for Security Information and Event Management

Splunk Positioned Highest Overall for Ability to Execute for Security Information and Event Management

SAN FRANCISCO – December 6, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced it has been named a Leader in Gartner’s 2018 Magic Quadrant for Security Information and Event Management for the sixth straight year. Splunk was also positioned highest overall on the ability to execute axis, which we feel is a testament to Splunk’s position at the heart of the Security Operations Center (SOC). For the report, Gartner evaluated Splunk’s security offerings, including Splunk® Enterprise, Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA) and Splunk Phantom®. For a complimentary copy of the Gartner 2018 Magic Quadrant for Security Information and Event Management, visit the Splunk website.

According to Gartner’s 2018 report, the security information and event management (SIEM) market is defined by the “customer’s need to analyze event data in real time for early detection of targeted attacks and data breaches, and to collect, store, investigate and report on log data for incident response, forensics and regulatory compliance.” Splunk significantly expanded its security portfolio offerings this year, adding machine learning capabilities and security automation, orchestration and response (SOAR) technology via its acquisition of Phantom.

“The effective use of threat intelligence, behavior profiling and analytics can improve detection success. SIEM vendors continue to increase their native support for behavior analysis capabilities as well as integrations with third-party technologies, and Gartner customers are increasingly expressing interest in developing use cases based on behavior,” wrote Gartner report authors Kelly Kavanagh, Senior Principal Analyst, Toby Bussa, VP Analyst and Gorka Sadowski, Senior Director Analyst.

“Splunk introduced the concept of analytics-driven security to the market, which has helped thousands of organizations get insights and take action on their data. Today, customers around the world are using a powerful combination of Splunk security solutions to help them detect, investigate and act on security threats faster than ever before,” said Haiyan Song, senior vice president and general manager, security markets, Splunk. “We believe Gartner’s continued recognition demonstrates Splunk’s vision of building a security nerve center that empowers our customers to act on threats rapidly with data analytics, and then remediate at machine speed while leveraging security orchestration, automation and response.”

The security skills gap is growing – recent estimates state that the industry will be short two million security professionals by next year. With that, security teams are struggling to keep up with an accelerated volume of threats and alerts that are constantly barraging their networks. As more and more customers turn to Security Operations as the center of gravity within the SOC, organizations are demanding solutions that can leverage data to automate and orchestrate threat response. Splunk unveiled its latest suite of security solutions at .conf18, the annual Splunk users conference last month, including:

– Splunk Enterprise Security 5.2, Splunk’s flagship security platform, which acts as the ‘security nerve center’ within the SOC so customers can use their data to continuously monitor, detect and respond to risk

– Splunk User Behavior Analytics 4.2, powered by machine learning, which helps customers detect anomalous behavior and known and unknown threats from inside or outside of their networks

– Splunk Phantom 4.1, the newest addition to Splunk’s security portfolio, which allows customers to automate and orchestrate a response on their security data to dramatically scale their security operations.