Splunk Wins Third Ever NAVWAR Enterprise Artificial Intelligence Prize Challenge for Exceptional SOAR Capabilities

The prize challenge, managed by Program Executive Office for Command, Control, Communications, Computers and Intelligence (PEO C4I) and Space Systems’ Cybersecurity Program Office (PMW 130), looked to enhance the Security Operations Center (SOC) using artificial intelligence (AI) and machine learning (ML) tools to automate the detection and prevention of advanced persistent threats and other cybersecurity campaign activity.

Current SOC procedures require a tremendous amount of time and effort to triage alerts, link related logs, perform incident response, and document investigations. Through this AI ATAC Prize Challenge, PMW 130 solicited security orchestration and automated response (SOAR) tools that use AI and/or ML to enhance SOC effectiveness for competitive evaluation. NAVWAR and PEO C4I and Space Systems had sponsored this prize challenge to gather insight and participation from nontraditional defense vendors, teams, and individuals.

PMW 130 has partnered with Oak Ridge National Laboratory, a Department of Energy laboratory in Tennessee, to provide their Cybersecurity Operations Research Range facility and their expertise for evaluating the technical solutions. John T. Armantrout, PMW 130 program manager, was looking for SOAR to perform orchestration and automation pieces — coordinated responses to solve problems, with minimal or no human oversight for each incident.

This challenge measured the performance of these tools based on specific SOAR capability criteria to determine how well they would provide improvements to U.S. Navy SOCs across the world. Over 50+ technical Navy personnel of different technical ability and all around the world participated in the evaluation of the implemented instances of Splunk SOAR.

Scoring was based on each tool’s ability to rank alerts, ingest data, facilitate playbook creation and execution, automate ticket population and common tasks, and facilitate communication between potentially geographically separated SOCs. Splunk’s winning submission was given the highest cumulative score across all of these areas.

This was the third AI ATAC prize challenge conducted by NAVWAR enterprise. The first challenge explored the capability for endpoint security products to incorporate AI and ML models to detect and defeat indicators of compromise, while the second focused on AI and ML technologies that detect adversarial campaigns by monitoring network observable behaviors or by analysis of data collected across an enterprise.

Visit our public sector website to learn more about how Splunk SOAR can empower your SOC to investigate and respond to incidents in seconds, streamlining operations and increasing productivity.

Please contact your Splunk sales representative to begin your journey.