Splunk Security Intelligence Platform Powers the Analytics-enabled Security Operations Center
Press release – Munich – July 3, 2014 – Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced that it has been named a leader in Gartner’s 2014 Magic Quadrant* for Security Information and Event Management (SIEM). Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security, award-winning products used for security by thousands of organizations around the world. To view the report, go to: www.splunk.com/goto/SIEM_MQ_2014.
As the report outlines, “We continue to see large companies that are re-evaluating SIEM vendors to replace SIEM technology associated with partial, marginal or failed deployments,” according to Gartner report authors Kelly Kavanagh, principal research analyst, Mark Nicolett, managing vice president, and Oliver Rochford, research director. “The greatest area of unmet need is effective targeted attack and breach detection. Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition of behavior profiling and better analytics. Most companies expand their initial SIEM deployments over a three-year period to include more event sources and greater use of real-time monitoring.”
“We believe Splunk’s position as a leader in the Magic Quadrant for SIEM reinforces the trend we are seeing that an analytics-enabled Security Operations Center (SOC) is essential and more effective at detecting and responding to today’s cyberthreats. Analytics provide the SOC and security team a holistic view by collecting, monitoring and analyzing all the data in an organization with rich enterprise and global threat context,” said Haiyan Song, vice president of security markets, Splunk. “Splunk customers are continuously transforming their operations by giving their SOC and security teams situational awareness and, more importantly, the ability to investigate and make determinations fast, which means more decisive and timely actions against attacks, advanced persistent threats, insider threats and other operational issues.”
Targeted, advanced attacks and insider threats can be detected and resolved using analytics of diverse data sets, but this data is challenging to bring into traditional SIEM deployments. Organizations use Splunk Enterprise and the Splunk App for Enterprise Security to create a security intelligence platform that leverages analytics to help find known and unknown, advanced threats. The Splunk App for Enterprise Security includes visualizations to identify anomalous behavior, a threat intelligence framework to organize and de-duplicate threat feed data and data models and a pivot interface to enable the fast creation of analytics. More than 175 security and compliance-specific apps are also available to help security teams quickly gain insights from industry-leading products from vendors including Cisco Systems, FireEye, Palo Alto Networks and more.
Gartner defines the SIEM Leaders quadrant as being, “composed of vendors that provide products that are a good functional match to general market requirements, have been the most successful in building an installed base and revenue stream within the SIEM market, and have a relatively high viability rating (due to SIEM revenue or SIEM revenue in combination with revenue from other sources). In addition to providing technology that is a good match to current customer requirements, Leaders also show evidence of superior vision and execution for anticipated requirements. They typically have relatively high market share and/or strong revenue growth, and have demonstrated positive customer feedback for effective SIEM capabilities and related service and support.”
To view the report, go to: www.splunk.com/goto/SIEM_MQ_2014.
Register now for .conf2014, the 5th Annual Splunk Worldwide Users’ Conference. .conf2014 will feature more than 130 sessions and is expected to attract more than 4,000 Splunk customers, partners, experts and employees. .conf2014 is being held October 6-October 9 at MGM Grand in Las Vegas.
*Gartner, Magic Quadrant for Security Information and Event Management, Kelly Kavanagh, Mark Nicolett , Oliver Rochford, June 25, 2014. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Interested in more content like this? Sign up to our newsletter, and you wont miss a thing!
(image credit: splunk)