Detect. Respond. Prevent.

Today’s enterprise requires big data security solutions that can adapt to advanced threats and changing business demands. Simple monitoring of traditional security events is no longer enough. Security practitioners need broader insights from new data sources generated at massive scale across IT, the business and in the cloud. Staying ahead of external attacks, malicious insiders and costly fraud demands continuous security and compliance monitoring, fast incident response and the ability to detect and respond to known, unknown and advanced threats.

Splunk® security solutions enable organizations to detect, respond and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions. Splunk enables analytics-driven security.

Get Started
  • Video
    Why Splunk for Security
  • Solution Guide Splunk for Security
  • Technical Brief Using Splunk Software as a SIEM
  • Technical Brief Building a SOC with Splunk
  • Technical Brief Using Splunk® User Behavior Analytics
  • ebook (Registration Required) Applying the SANS Top 20 Critical Security Controls Using Splunk
Splunk Enterprise Security Free Online Sandbox
Splunk Premium Solution

SIEM and Beyond

Splunk Enterprise Security

Splunk Enterprise Security is the industry leading security intelligence platform that addresses Security Information and Event Management (SIEM) use cases by providing pre-packaged dashboards and correlations, reports, incident response workflows and visualizations to increase the effectiveness and efficiency of security teams.

Learn More

Security Challenges

Advanced Threat Detection & Response

Trace the stages of the kill chain by finding relationships using any field across any data over any timeframe.

Learn More

Insider Threats

Use Splunk to detect malicious employees and other insider threats before they can steal, misuse or damage confidential data.

Learn More


Provide greater levels of automation and perform continuous monitoring of compliance and regulatory mandates.

Learn More

Fraud and Theft

Search and pivot through real-time or historical data to research and detect fraud or theft and pinpoint abuse.

Learn More

User Behavior Analytics

Detect cyber-attacks and insider threats with a solution that leverages data science and machine learning.

Learn More

Related Apps and Add-Ons

There are currently over 600 add-ons and apps built by Splunk, its partners or community members that provide data input solutions, reports, dashboards, correlations, and utilities for a wide range of functions. These apps and add-ons provide visibility into functional technologies such as intrusion prevention, payload analysis, access control, identity management, threat intelligence, messaging, endpoint threat defense and response. You will also find apps for the management of vendor-specific technologies that provide access to a wide range of utilities for visualizations, geo-location mapping, analytics and enterprise integration. See our complete listing of apps and add-ons on

Splunk App for Stream

Capture, analyze and correlate network wire data with other log and machine data in Splunk® Enterprise.
Learn More

Splunk App for Windows Infrastructure

Collect Windows endpoint data including file, process, network and host activity and WMI data.
Learn More

Splunk DB Connect

Get business and enterprise context such as customer, product and HR data using real-time integration into traditional relational databases.
Learn More

Splunk App for CEF

Expand capabilities of legacy log management and SIEM solutions by mapping Splunk fields to Common Event Format (CEF) fields.
Learn More

Splunk App for Unix and Linux

Get information about processes, the files they open, user attributes and statistics such as last login times and other security-related information.
Learn More

Splunk App for Microsoft Exchange

Gain real-time visibility into the entire email service to monitor and detect anomalies in email transmission and supporting service components as well as keep track of user behavior.
Learn More

Security Technology
Provider Apps

Over 200 security apps and add-ons developed by Splunk, its partners or community members are available on to provide fast insights into many of the industry’s leading security technologies. These apps and add-ons extend the power of the Splunk Security Intelligence Platform by enhancing security protection for threat intelligence, network security and activity, endpoint security and activity, malware and payload analysis and identity and authentication, including environmental, physical and spatial technologies. A complete listing of Splunk Apps and add-ons is available on

Splunk App for Blue Coat ProxySG
Learn More | Free Download

Splunk App for Centrify Insight
Learn More | Free Download

Splunk for Cisco Security Suite
Learn More | Free Download

Splunk for Citrix NetScaler with AppFlow
Learn More | Free Download
Splunk App for FireEye
Learn More | Free Download

Splunk App for Palo Alto Networks
Learn More | Free Download

Splunk App for Symantec
Learn More | Free Download

Splunk Tanium Application
Free Download

OPTIC Splunk App by ThreatStream
Free Download

Ask a Security Expert

Joe Goldberg


Expertise: Using Splunk for security, compliance and anti-fraud/theft/abuse use cases. Includes how to use Splunk as a SIEM or to power a SOC.

Contact Us
joe goldberg expert