
SAIC & Splunk as a Security Intelligence Platform

Splunk is one of the fastest growing companies in the hi-tech industry for a reason. We constantly push the boundaries on how we, and others, think about complex problems. One area that we’ve been successfully driving for a few years now is Security Intelligence. We learned early on, through the eyes of our customers, that the traditional approach to security had severe limitations. It was pure disruption and innovation to invert the thinking in this area and use the native Splunk platform to identify and ingest massive quantities and sources of unstructured and semi-structured data. This has enabled Splunk customers to index machine-generated data and query it with schema-on-the-fly, powering visualizations, dashboards, alerts and proactive remediation. This is what has led to our customer endorsements and euphoria in this area.

SAIC is the latest great example of how Splunk is helping our valued customers change the game in their relentless battle to keep their companies safe. SAIC has standardized on Splunk as its Security Intelligence platform. Why Splunk? SAIC is fully committed to the mantra that “all data is security relevant.” As the company started to build its SOC, the SAIC team needed to analyze huge volumes of data while still being able to easily add and correlate new types of data—including non-security data sources. This is what the core Splunk platform was built to do. The flexibility and visibility provided by Splunk was a key reason it was selected over a traditional SIEM.

The results have been staggering. SAIC is using Splunk to power executive-level dashboards, giving the CISO visibility into key security metrics around threat activity, aggregated source location and indicators of compromise. The company has reduced the time required to open, conduct and close investigations from days to hours. It was also able to build a fully operational SOC from the ground up in less than six months.

What’s equally powerful and fascinating is that they are able to use this same deployment to address other major use cases, including IT operations and application delivery. After all, much of the data needed to power these use cases is also needed for Security Intelligence. When we refer to Splunk as a platform, this is one of the key characteristics: the ability to aggregate multiple unique data sources and gigabytes to terabytes of high-velocity data to address everything from powering a SOC to network monitoring or application analytics.

If you’re interested in learning more about how SAIC is using Splunk Enterprise and the Splunk App for Enterprise Security, be sure to check out the Splunk and SAIC case study or the video below:

Posted by Doug Merritt

Doug Merritt has served as Splunk’s president and CEO and a member of the Splunk Board since 2015. Previously, Doug served as senior vice president of field operations at Splunk from 2014 to 2015. Prior to joining Splunk, he served as senior vice president of products and solutions marketing at Cisco Systems, Inc., a networking company, from 2012 to 2014. From 2011 to 2012, he served as CEO of Baynote, Inc., a behavioral personalization and marketing technology company. Previously, Doug served in a number of executive roles and as a member of the extended Executive Board at SAP A.G., from 2005 to 2011. From 2001 to 2004, he served as group vice president and general manager of the Human Capital Management Product Division at PeopleSoft Inc. (acquired by Oracle Corporation). He also co-founded and served as CEO of Icarian, Inc. (since acquired by Workstream Corp.), a cloud-based company, from 1996 to 2001. He holds a B.S. from The University of the Pacific in Stockton, California. He was born in 1964 and attended Miramonte High in Orinda, CA.
