Splunk Inc. (NASDAQ: SPLK), provider of the Data-to-Everything Platform, today announced it has been named a Leader in Gartner’s 2020 Magic Quadrant for Security Information and Event Management* for the seventh time in a row. For the second year in a row, Splunk was also positioned highest overall for ability to execute. For the report, Gartner evaluated security offerings from Splunk’s Data-to-Everything™ platform, including Splunk® Enterprise, Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA) and Splunk Phantom®. For a complimentary copy of the Gartner 2020 Magic Quadrant for Security Information and Event Management, visit the Splunk website.
According to Gartner’s 2020 report, “The security information and event management (SIEM) market is defined by customers’ need to analyze security event data in real time, which supports the early detection of attacks and breaches. SIEM systems collect, store, investigate, support mitigation and report on security data for incident response, forensics and regulatory compliance.” Splunk continued to build on its security offerings this year, introducing enhanced, real-time monitoring via ES Event Sequencing and the ability to implement security automation with threat intelligence.
“A perfect storm of challenges including never-ending alerts, a security skills shortage, and a barrage of on-premise and cloud vulnerabilities are forcing the Security Operations Center to evolve quicker than ever before. While security analysts continue to look for ways to modernize the SOC, many are embracing Splunk to help them manage security across the entire threat lifecycle,” said Haiyan Song, senior vice president and general manager, security markets, Splunk. “We are honored by Gartner’s continued recognition of Splunk’s ability to lead and execute, which we believe is a testament to our relentless focus on helping 18,500+ customers solve their toughest cyber challenges and modernize security operations with data.”
Organizations around the world are going through a time of unprecedented change, driven by an explosion of new technologies and innovations. This change creates more data than ever imagined, which in turn creates wider attack surfaces and increasing security risk for organizations of all sizes. Splunk security solutions, designed to unlock the trapped value of data and enhance the security analyst experience, include:
- Splunk Enterprise Security (ES) 6.1: Splunk’s flagship security offering delivers an analytics-driven SIEM designed to tackle the most pressing security challenges with the power of data. With Splunk ES, customers gain an end-to-end view of their security posture, providing them with actionable intelligence that helps prioritize incidents and take action on data at machine speed. Splunk ES solves a wide range of security use cases, including security monitoring, advanced threat and attack detection, compliance, and incident investigation and response.
- Splunk Phantom 4.8: The rising volume of cyber attacks continues to put a strain on SOCs battling both the security skills gap and analyst burnout. Designed to help automate security operations teams force multiply their efforts, Splunk Phantom brings the power of security orchestration, automation and response (SOAR) to the SOC, allowing analysts to automate threat detection and response so they can focus on mission-critical decisions that impact the business. With Phantom, analysts can work smarter and respond faster through enhanced event and case management, collaboration and reporting.
- Splunk User Behavior Analytics (UBA) 5.0: Driven by the global rise of insider threats, organizations are turning to tools like Splunk UBA to help them find unknown threats and anomalous user behavior across devices and applications. Powered by machine learning (ML), Splunk UBA supercharges Splunk’s analytics-driven SIEM, offering robust customization with context-enhanced correlations and rapid investigation capabilities. Common use cases for Splunk UBA include compromised user accounts, data exfiltration, account misuse and more.
- Splunk Mission Control (BETA): Splunk Mission Control is a unified experience that modernizes and optimizes security operations, allowing security teams to manage events across their entire lifecycle from a common work surface. The cloud-based software-as-a-service (SaaS) allows security teams to detect, manage, investigate, hunt, contain and remediate threats and other high-priority cyber challenges, giving customers better efficiency and a superior analyst experience.
*Gartner, “Magic Quadrant for Security Information and Event Management,” Kelly M. Kavanagh, Toby Bussa, Gorka Sadowski, February 18, 2020.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Splunk Inc.
Splunk Inc. (NASDAQ: SPLK) turns data into doing with the Data-to-Everything Platform. Splunk technology is designed to investigate, monitor, analyze and act on data at any scale.
Splunk, Splunk>, Data-to-Everything, D2E and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2020 Splunk Inc. All rights reserved.