A Stronger Threat Intelligence Platform
As Aflac enters new markets and offers new services, the company needs to adapt its security program continuously to match a rapidly changing threat landscape that includes everything from spear-phishing to the proliferation of malware. Prior to adopting the Splunk platform, Aflac relied on a legacy security information and event management (SIEM) solution, but the company required a stronger threat intelligence platform to detect and respond to attacks adequately.
According to D.J. Goldsworthy, director of Security Operations and Threat Management for Aflac, “With our previous SIEM, you had to know the data exceedingly well before you could take action, whereas Splunk helps you know your data very quickly. Splunk made us much nimbler and enabled us to show value to all of our stakeholders quickly.”
Initially, Aflac stood up Splunk Enterprise Security (ES) for threat hunting. “Our proof of concept, in essence, was using Splunk ES for our threat hunting use cases, and the time to value far exceeded our expectations,” Goldsworthy says. “We were able to do extraordinary things in a very short period of time to detect advanced threats. Ultimately, that was the decision point for us to make a much larger investment in Splunk ES and UBA [User Behavior Analytics] across our different security use cases.”