
Splunk Acquisition of Caspida




What are we announcing?

We are announcing our acquisition of Caspida, a leading provider of data science-driven Behavioral Analytics for security. This acquisition is aligned to our strategy of expanding our cybersecurity offerings and will enable us to bring advanced analytical capabilities to our customers and further extend Splunk’s market-leading analytics-enabled SIEM solution.


Who is Caspida?

Caspida is a leading provider of Behavioral Analytics focused on detecting advanced and insider threats. Caspida’s approach is differentiated in several ways:



  • Caspida uses various data science techniques, leveraging machine learning, classification, statistical models, Markovian algorithms, inference and grouping models. The underlying technologies of Caspida’s product allow Splunk to address additional security use cases, such as fraud detection.
  • Caspida presents the threat using the kill chain and supporting evidence to support rapid response and decision making.
  • Caspida focuses beyond the user by including devices and other entities.


Why did Splunk buy Caspida?

The combination of Splunk and Caspida will revolutionize the security market by unifying world-class breach response with breach detection. Recent high-profile breaches show virtually all attacks happen with compromised credentials, and automated detection leveraging machine learning is the future for detecting known and unknown threats from insider and external attackers. Splunk customers now have out-of-the-box user behavioral analytics (UBA) to help detect, respond to and mitigate these threats. This combination of Splunk’s leading machine data platform with Caspida software provides the industry’s most comprehensive security analytics solution available today.

With Caspida, Splunk accelerates our focus on solving advanced threats – both external and from insiders – by shining a light on those who are wrongfully using valid credentials to freely and unpredictably exploit systems they have accessed. By addressing the entire lifecycle of known and unknown advanced threats, and by providing a platform to detect, respond to, and automate actions, Splunk has further reinforced its position as the security nerve center.


What Is Behavioral Analytics?

Behavioral Analytics uses correlation, machine learning, statistical models, rules and visualization techniques to develop user and entity profiles, and compare and contrast activities to help detect and expose outliers and threats.


How much are we paying for Caspida?

Financial details of the acquisition can be found in our press release at



What will the combined solution be capable of?
The combination will address the entire lifecycle of threat detection and response:


Detect Advanced, Hidden and Insider Threats Out-of-the-Box Using Data Science

  • Continuous threat and anomaly detection that applies multi-domain analysis using machine learning
  • Uncovers hidden breaches and new attacks out-of-the-box without extensive customization


Improve Threat Detection with Targeted Incident Response

  • Provides threat activities relative to the kill chain with supporting evidence to enable targeted remediation
  • Detects multi-domain (user, device and traffic applications) anomalies and streamlines threat review and incident resolution


Dramatically Increase SOC Efficiency

  • Scores and highlights the most important threats and anomalies to minimize alert fatigue
  • Detects and provides insights on threats and suspicious activities to complement and extend threat intelligence

Partners and Tech Alliances


I am a Strategic Technology Alliance partner, so how does this acquisition affect me?

First and foremost, we will maintain an open approach to our platform as we want machine learning, Behavioral Analytics, and UBA to be available from not just us, but also from our partners.

With the added capabilities of Caspida, Splunk’s security portfolio will be broader; it will improve our joint solution coverage and increase the value proposition to customers. All current go-to-market activities will continue as is and there will be no impact on current joint customer engagements.

The end result is additional choice for our mutual customers.



I’m a current or potential Splunk customer; when will I be able to purchase Caspida for Behavioral Analytics?

As we are in the process of commercializing the technology, please contact us at to understand product availability timelines. As we approach GA, we intend to integrate with existing Splunk products and will keep you posted on developments.


I am interested in UBA and threat analytics and detection. How can the Caspida solution, using machine learning, help me detect advanced threats?

This acquisition will enhance Splunk’s offering and capabilities in all these areas, especially with out-of-the-box solutions for UBA. We recommend you reach out to your Splunk account manager to get a better understanding of how Splunk’s new offerings can help you based on your unique use cases. You can also contact Splunk sales at

Additional Questions


Whom do I contact for additional questions?

Tom Stilwell (Press and Media)

Ken Tinsley (Investor Inquiries)

Technology Alliance Partners

ASA Specialist Sales Team