Skip to main content


Splunk Acquires Twinwave

In 2022, Splunk acquired the automated threat analysis company Twinwave, now called Splunk Attack Analyzer.

Splunk Attack Analyzer automates threat analysis of suspected malware or credential phishing threats by identifying and extracting associated forensics to provide accurate and timely detections. The solution uses proprietary technology to analyze credential phishing and malware threats, helping analysts achieve unparalleled detection efficacy with accuracy, confidence and ease. When paired with Splunk SOAR, Splunk Attack Analyzer conducts automated analysis of identified indicators without SOC analysts having to perform manual investigative tasks or write complex playbooks utilizing multiple threat analytics products.