Splunk Acquires Automated Threat Analysis Startup TwinWave Security and Names New Security Leader

The job of an enterprise security professional has never been easy but it has only gotten harder in recent years thanks to an ever-expanding attack surface and shocks to the macro environment. In fact, 65% of organizations saw an increase in attempted cyberattacks, while 54% reported that their business-critical applications suffered unplanned downtime due to a cybersecurity incident, according to global research conducted by Splunk and the Enterprise Strategy Group.

The pandemic and other major disruptions — from political turmoil to supply chain issues — have changed how organizations have to operate today. The changing threat landscape and proliferation of tools is increasing the volume of security breaches and outages — and making the lives of security operation center (SOC) analysts more difficult than ever before.

Our customers continue to demand secure, seamless, always-on experiences from organizations despite what security analysts have to do to make that happen.

This is why cyber resilience — the ability to prevent, respond and quickly recover from events that have the potential to disrupt key business processes, service delivery and access to technology — has become a top business priority to help mitigate cyber risk. At Splunk, we are helping organizations achieve cyber resilience by deploying a data-centric approach to security, delivering faster and better threat detection, investigation, and response.

It’s in the spirit of this mission that today I’m proud to announce that Splunk has acquired TwinWave Security, a cyber security start-up with unique technology that automatically follows and analyzes complex attack chains that would otherwise require cumbersome manual workflows for security analysts.

This acquisition extends our security leadership and as part of this acquisition, we’re also announcing that TwinWave’s CEO and co-founder, Mike Horn, will become our Senior Vice President and General Manager of Security. TwinWave’s three founders are experienced senior technology and product leaders, and will play key roles in our security product, and engineering teams. They bring 60 years of combined security experience and complementary, differentiating product capabilities to help shape the future of Splunk’s security business.

For our customers, TwinWave’s products and services expand Splunk’s mission-critical security analytics and automation capabilities to strengthen Splunk's leadership in helping customers quickly and accurately detect, analyze and respond to an ever-changing landscape of security threats. TwinWave’s solutions will help our customers save time, improve detections and analyze more threats with flexible integrations, and deep automated analysis.

TwinWave adds critical capabilities to empower the security analyst with cloud-native automated threat analysis with verdicts that can activate remediation playbooks within security, orchestration, automation and response (SOAR) for end-to-end automation.

Acquiring TwinWave gives us the ability to bring in highly specialized industry leaders outside of Splunk’s existing capabilities. They have the ability to hit the ground running with existing products, relationships and deep domain expertise. Mike and the team share our passion about customers and helping them be more resilient. Welcome, Mike and team!

Safe Harbor Statement

This blog contains forward-looking statements about the expectations, beliefs, intentions and strategies relating to Splunk’s acquisition of TwinWave Security. Such forward-looking statements include statements regarding the expected benefits of the acquisition of TwinWave, the impact of the acquisition on Splunk’s existing and future products and services, and the capabilities of TwinWave’s products and services, including when added to Splunk’s. There are a significant number of factors that could cause actual results to differ materially from statements made in this blog post, including: difficulties encountered in integrating the business, technologies, personnel and operations; costs related to the acquisition; market acceptance of the acquisition and resulting products and services; Splunk’s inability to realize value from its significant investments in its business, including product and service innovations; and general market, political, economic and business conditions. Additional information on potential factors that could affect Splunk’s financial results is included in the company’s Quarterly Report on Form 10-Q for the fiscal year ended July 31, 2022, which is on file with the U.S. Securities and Exchange Commission (“SEC”) and Splunk’s other filings with the SEC. Splunk does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

----------------------------------------------------
Thanks!
Garth Fort