Centralized security monitoring, greater productivity
“With Splunk, we finally got the security analytics platform of our dreams,” says Fngi Hsu, chief information security officer of ACE Exchange. Splunk was perfect for managing the complexity of the organization’s multicloud environment, automatically collecting log data from all public cloud computing platforms ACE uses — including Google Cloud, Amazon Web Services and Microsoft Azure — then generating a complete picture of the company’s security posture for quicker threat hunting, real-time event response and more reliable monitoring. ACE’s security teams also benefited from Splunk’s intuitive dashboards, relying on them to predict, detect and respond to different types of threats.
Adopting Splunk has massively reduced security teams’ workloads. “The simple, easy-to-learn Splunk Search Processing Language not only solves the slow search problem of the old platform, but also enables us to flexibly adjust the dashboard and alert settings to meet our security needs, especially the new ‘A.8.16 Monitoring Activities’ control item of the ISO 27001:2022 practice,” Hsu explains. “Credit also goes to the Splunk Mobile app, which gives us access to dashboards, reports and alerts from a single interface on the go. Instead of working night shifts in the office, the team can now stay connected with the Splunk platform anytime, anywhere.”
ACE has also used Splunk to develop machine learning models that predict cyber threats and alert on security incidents. This reduces repetitive, manual tasks, meaning that jobs that once took seven days to complete now only take two. These productivity savings allow team members to focus on what matters most while enabling ACE to reallocate its resources for other strategic security initiatives.