A Unified Security and Observability Platform

The accelerated adoption of hybrid cloud models is driving massive change to how you manage your data as it continues to grow exponentially. As cloud-native application models become pervasive, the surface area and complexity of infrastructure to be monitored and secured has grown by orders of magnitude. 

We know that each one of our customers competes on data. All else being equal, those who use data most effectively thrive. We’ve listened and delivered the innovation you need—a foundation to enhance security and drive business resilience in order to unlock innovation with speed and agility.

The Splunk Difference

At the heart of it, security is a data challenge. The same with observability. Both these can benefit from using a common data set and tools, and a consistent user experience across the hybrid cloud.

The Splunk Platform allows you to act on your data where it is — at scale — giving you end-to-end visibility into your data and making it possible to investigate and act on that data fast enough to predict or prevent a security incident or system outage—before your customers and business are impacted. The extensibility of the Splunk Platform allows you to go beyond point solutions and build security and observability that works for your business’ unique needs.

Splunk Cloud Platform and Splunk Enterprise 9.0 are aimed at making the lives easier for administrators and users to help turn data into doing.

• For those of you blocked by data silos and blind spots, you now have the ability to search seamlessly across data sources. 
• For those of you building searches, visualizations, and data apps, you’ve told us that you need a self-service model to easily integrate across multiple data and analytics frameworks.
• For those of you who need to wrangle massive data sets, provision users with Splunk access, and manage deployments, you need more granular control over their Splunk environments. You don’t need to make tradeoffs between full fidelity data and the cost of data storage. 

The platform announcements at .conf22 help you drive three major outcomes with your data:

End-to-End Visibility

Expanded data access and preprocessing through Ingest Actions, Edge Processor preview, and Data Manager, combined with additional cost effective storage for data from edge to cloud enables the Splunk Platform products to further empower security teams and IT Ops teams to clearly see across all their digital systems to understand if they are secure and performant and identify opportunities for improvement. 

^{Data Manager Home Page: Configure cloud-native data onboarding in minutes, with a modern user experience and data source specific best practices}

^{Ingest Actions Route to S3: Route incoming data to S3 bucket destinations and/or indexing}

“The thing that impressed me the most about Data Manager was it took less than 30 minutes to set up what before took several hours of multiple sessions with our cloud team over the course of several weeks. Being able to import, action, and monitor your data that fast is impressive." – Joseph Schooler, Data Scientist, Cirrus Logic

Rapid Investigation and Action

Through expanded Federated Search and the introduction of Splunk Assist, customers can create searches that span multiple Splunk and Amazon S3 environments, and get deeper real-time assistance to improve your Splunk deployment security posture.

^{Federated Search: Unlock cross-functional insights by breaking down data silos with cross stack analytics for a unified, single pane view of your entire Splunk ecosystem—while maintaining your security requirements}

^{Splunk Assist: Splunk Assist provides you a single place to monitor your deployment and see recommendations to improve your security posture}

“Splunk Assist allows us to ensure compliance across our fleet of Splunk instances and universal forwarders. Splunk Assist frese up our time from checking certificates, managing apps, and tightening our security posture, to focusing on onboarding new data sources and overall data management strategies." – Mike Franklin, IT Architect, UC Santa Barbara

Extensibility

Enhancements to Splunk Platform products increase the ability to build and extend Splunk with an improved app building experience in the Splunk Cloud Developer Edition preview, a reimagined Splunkbase preview experience to access and customize 2500+ publicly available apps, and improved pixel-perfect dashboards to engage more users to get business value from data insights.

^{Splunk Cloud Developer Edition: Validate apps for Splunk Cloud Platform and perform install, configuration, and acceptance testing}

Splunkbase 

“Splunk use cases are not limited to ITOps and SecOps; we use Splunk to solve supply chain use cases, too! If you can imagine it, you can build it!” – Vaibhav Suneja, myWizard AIOPS Development Manager, Accenture

In addition to new capabilities, Splunk platform now ships with an improved security posture. Splunk Enterprise 9.0 includes an updated set of security settings that can support secure TLS configurations across all nodes, user-friendly search processing language (SPL) safeguards, improved secrets and password management, semantic versioning of search APIs, native smart-card (CAC/PIV) support, and additional security updates.

We are thrilled for you to try out our platform innovations available today in Splunk Cloud Platform and Splunk Enterprise 9.0. Please always remember that Splunk has internal and extensive partner resources to help support you with any of these actions through our partnerverse and customer success programs such as education, OnDemand Service support, Technical advisory and customer support.

Make sure you watch the .conf22 Platform Super Session and give these features and more a test-drive by joining us for .conf22 virtual and on-demand sessions and demonstrations both this week and after. And don’t forget to subscribe to our Platform product updates on Splunk Community.

Follow all the conversations coming out of #splunkconf22!

Follow @splunk