Splunk announced the new Splunk Security Cloud, a data-centric modern security operations platform that delivers advanced security analytics, automated security operations, and integrated threat intelligence with an open, unparalleled ecosystem.
Splunk Security Cloud brings together security operations solutions that help customers get maximum value from their data. With Splunk Security Cloud, teams can secure and manage multi-cloud deployments while remaining agile to adapt to ever-evolving threats.
“At Splunk, we believe security is a data problem and data drives better decisions, providing the foundation for security analytics,” said Sendur Sellakumar, Chief Product Officer, Splunk. “As the volume and complexity of data grows and customers’ digital environments get more complex, Splunk Security Cloud provides the best solutions to help customers solve their ever-evolving security challenges.”
“Security solutions with advanced analytics and automation help educational institutions and universities better defend against new challenges, such as IoT and edge computing attacks, and help us provide the most secure experience to our students and faculty,” said Lanita Collette, Deputy Chief Information Officer and Chief Information Security Officer, University of Arizona. “We are excited to partner with Splunk into the future and look forward to their continuous innovation in security.”
“Security buyers today value a platform that integrates traditionally separate tools for advanced behavioral analytics, threat intelligence and SOAR – all delivered in the cloud that is easy-to-buy and easy-to-use,” said Jon Oltsik, Senior Principal Analyst & Fellow, Enterprise Strategy Group. “Splunk has made great strides over the past year in bringing together their security solutions on a single cloud platform under one pricing model, helping customers manage high-volume actionable data for security teams in real-time.”
Providing a unified, data-centric view across cloud and hybrid environments
Splunk Security Cloud takes a data-centric approach to security, helping teams drive better decisions. Splunk accelerates organizations' data-driven outcomes with this robust security operations platform, which includes the following capabilities:
- Advanced security analytics includes machine learning-powered analytics to detect and deliver key insights into multi-cloud environments.
- Automated security operations drives faster time to detection, investigation and response; alerts that used to take 30 minutes can now take as little as 30 seconds.
- Threat intelligence automatically collects, prioritizes and integrates all sources of intelligence, driving faster detections.
- Open ecosystem helps correlate data across all security tools, regardless of the vendor, for increased visibility, and applies prescriptive detections and guidance to detect threats faster.
“Splunk Security Cloud combines advanced security analytics, streamlined security operations and an open and thriving ecosystem, bringing together Splunk’s and our partners’ industry leading security solutions to help our customers securely embrace digital transformation and SOC modernization,” said Jane Wong, Vice President, Product Management, Security at Splunk.
Splunk Ecosystem delivers unparalleled security partner integrations
“Security is a team sport, and no single product or service can solve all customers’ security needs,” continued Sellakumar. “Enterprises we talk to have anywhere from 25 to 50 tools in their environment, including multiple control points, increasing operational costs and complexity for the Security Operations Centers. Organizations need to have the freedom to leverage a combination of solutions for their security needs, hence the reason why we believe our partner ecosystem is so important for our customers, enabling faster solutions for their needs. As a result, solution providers need to come together to enable a cohesive solution set for our joint customers.”
Splunk has continued to develop a vast network of partners to help accelerate customers’ journey to the cloud in a secure way, making it easier to focus on key business outcomes. Splunk takes an open approach with its 2,500-plus partners, enabling best-of-breed choice for joint customers.
Additionally, our automation ecosystem includes over 300 third-party integrations that support more than 2,000 operations actions, allowing customers to correlate data across their disparate security tools for increased visibility and to apply prescriptive detections and guidance to detect threats faster. Amazon Web Services (AWS) and BlueVoyant are just a few of the companies helping organizations digitally transform and move to the cloud securely.
Splunk announces new security analytics for AWS solution for small security teams
Splunk has been working with AWS to release new offerings that provide a more curated experience for customers that have an AWS-centric cloud adoption model. Optimized for AWS customers, the new Splunk Security Analytics for AWS offering is a simplified security analytics solution designed for lean security teams running on AWS.
Splunk Security Analytics for AWS leverages deep, centralized visibility of AWS environments, accelerating threat detection, investigation and response capabilities for security teams with fewer staff. Splunk Security Analytics for AWS is scheduled to be available on AWS Marketplace on June 29, 2021.
“Splunk Security Analytics for AWS gets up and running very quickly. The new data onboarding wizard rapidly brings AWS data into pre-built, AWS-specific Splunk security dashboards, with very little manual input required,” said beta customer Daniel Bauza, AWS Security Architect, Verisure.
Splunk completes acquisition that strengthens security portfolio with key automation capabilities
Splunk also completed the acquisition of TruSTAR, a cloud-native security company providing a data-centric intelligence platform. TruSTAR extends Splunk’s leadership in security analytics through cloud-native threat intelligence integration and automation.
TruSTAR’s intelligence platform, which works with the Splunk security portfolio today, will be integrated more deeply into the Splunk Security Cloud in the coming months. This will allow Splunk customers to enrich their SOC workflows with normalized threat intelligence from third-party sources and from their own historical events and investigations, reducing the time it takes for customers to detect and remediate issues before they impact the business.
Pricing and availability
Splunk Security Cloud and Security products are available now in the United States, and will be available in APAC and EMEA in the future. Pricing packages are designed for different customer maturity levels.