Announcing the General Availability of Splunk® Enterprise Security 8.0

At .conf24 we unveiled the private preview of Splunk Enterprise Security 8.0, and the buzz was undeniable.

Today, we are thrilled to announce that Splunk Enterprise Security 8.0 is now generally available! This isn’t just another release—it’s a massive leap forward that redefines and revolutionizes security operations.

Splunk Enterprise Security 8.0 is the cornerstone of the SOC of the Future. With groundbreaking advancements featuring a seamless investigation and case management solution that includes integrated automation with Splunk SOAR¹, Splunk Enterprise Security 8.0 delivers the most seamless analyst experience across the threat detection, investigation, and response (TDIR) workflow.

We Promised the SIEM of the Future. And We Delivered.

Splunk Enterprise Security 8.0 revolutionizes the SOC workflow experience from the ground up. Now security analysts can seamlessly detect what matters, investigate holistically, and respond to threats —faster and more efficiently than ever before. The SIEM of the future is here: unified TDIR with automated workflows, modern aggregation and triage capabilities, enhanced detections and simplified terminology.

For far too long, SOC teams have struggled with disjointed tools and processes. With Splunk Enterprise Security 8.0, those days are over. Here’s how we’re revolutionizing the SOC workflow experience and boosting analyst productivity:

A Game-Changing Unified Work Surface. No More Pivoting Between Tools.

Say goodbye to spending extra time pivoting between tools. Imagine doing everything from one modern, unified interface. Now with the direct integration of Splunk SOAR playbooks and actions with the case management and investigation features of Splunk Enterprise Security and Mission Control, analysts can handle everything from detection, investigation and response without switching context. This significantly boosts operational efficiency by providing a unified solution for data aggregation, analysis, and automation—without leaving Splunk Enterprise Security.

Find and Automate What Matters, Faster: Say Hello to Finding Groups²

Now, with Finding Groups, you can view all related high-fidelity findings in one click. Finding Groups automatically aggregates findings based on predetermined rules against common security grouping techniques and calculations. This further simplifies the SOC analyst experience to take action and respond to sophisticated threats. But we didn’t stop there. Now, with native Splunk SOAR integration, analysts can leverage Automation Rules to assign playbooks to specific detections, enabling those playbooks to run automatically whenever designated findings are triggered in Splunk Enterprise Security. Unifying these capabilities enables the SOC to accelerate their automation journey—all through a single view.

Seamlessly Implement a Risk-based Alerting Detection Strategy

New, enhanced detections provide turnkey capabilities to build high-confidence aggregated alerts for investigations. We also added native, automatic detection versioning within Enterprise Security Content Updates (ESCU) and customer-owned detections.

Breaking Down Data Silos: Simplified Terminology, Aligned with OCSF

With simplified terminology across TDIR workflows, Splunk Enterprise Security now aligns with the Open Cybersecurity Schema Framework (OCSF). This ensures that every SOC analyst speaks the same language within the TDIR workflow, creating a truly seamless experience.

The Market-Leader in SIEM. The Proof is in the Recognition.

The industry recognition keeps rolling in. This year, we celebrated being recognized as a Leade r ten times in a row in the 2024 Gartner® Magic Quadrant™ for SIEM. But that’s not all, Splunk was ranked first in every Use Case in the 2024 Gartner® Critical Capabilities for Security Information and Event Management.

And if that’s not enough to get excited about—Splunk has been ranked #1 for the fourth consecutive year in the IDC Worldwide Security Information and Event Management Market Shares, 2023: The Leaders in SIEM City (doc # US52525024, September 2024) report.

Splunk has also been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment (doc #US49029922, September 2024).

Splunk Enterprise Security 8.0 is available now for cloud and on-premise environment customers. Please reach out to your account representative for more information.

Watch our on-demand discussion featuring Forrester’s Allie Mellen on trends in today’s SIEM market. You'll also learn more about how Splunk is revolutionizing the analyst experience with Splunk® Enterprise Security 8.0 through native integration with Splunk SOAR.

We’re always listening! Have ideas and requests? Share them with us through Splunk Ideas.

We’re building the SOC of the Future together. To learn more about Splunk Enterprise Security, visit our website. Happy Splunking!

¹Splunk SOAR Cloud subscription required

² *In preview with Splunk Enterprise Security 8.0