SAIC Boosts Security Analytics with Splunk Software
Leading Technology Integrator Built Analytics-Enabled Security Operation Center (SOC) from Ground Up Using Splunk Enterprise and the Splunk App for Enterprise Security
SAN FRANCISCO - April 21, 2015 - Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced that Science Applications International Corp. (NYSE: SAIC), a leader in advanced information technology (IT) services and solutions, has standardized on Splunk® Enterprise and the Splunk App for Enterprise Security as its internal security intelligence platform. SAIC’s Security Operations Center (SOC) team and the computer security incident response team (CSIRT) rely on Splunk software as the backbone of its analytics-enabled SOC to continuously monitor for advanced persistent threats (APT), internal threats and malware. Watch the video to see why SAIC chose Splunk software over legacy SIEM technology for its internal usage and read the case study to learn how SAIC lowered its total cost of ownership by also deploying Splunk software for IT operations and application delivery.
“Using Splunk software, SAIC can quickly identify and fend off intrusions to protect our business and employees,” said Jonathan Jowers, chief information security officer, SAIC. “We built our SOC from the ground up to defend SAIC’s business with the speed and accuracy required in today’s security landscape. Splunk helps us to constantly tune, improve and mature our SOC and CSIRT processes to advance our security posture.”
Jowers will be co-presenting with Monzy Merza, chief security evangelist, Splunk, at RSA Conference 2015 about adopting a continuous breach response posture. The session is on Wednesday, April 22, 2:50 p.m. in the North Hall Briefing Center.
Using Splunk Enterprise and the Splunk App for Enterprise Security, SAIC has been able to track and address incidents, build predictive dashboards that analyze the scope of an attack and, through an established response matrix, determine what action needs to be taken. When a breach is detected, analysts use Splunk dashboards to drill down into correlations that reveal the source of the intrusion and add invaluable real-time context to CSIRT’s investigation. Analysts also developed custom Splunk dashboards that can take the user directly from raw data to third party tools to help with the investigation into active threats.
“Today’s advanced threats are increasingly coordinated and require adaptive analytics capabilities to stop an attack in progress. Analytics-enabled SOCs leverage all security-relevant data in the enterprise to not only identify attacks but also recognize the patterns behind a breach,” said Haiyan Song, senior vice president of security markets, Splunk. “Regardless of whether it is a nation-state, criminal enterprise, or insider threat, organizations should strive to be able to detect and remediate these threats within minutes and this capability depends upon an analytics-enabled SOC.”
Learn more about the Splunk App for Enterprise Security on the Splunk website. Version 3.3 of the Splunk App for Enterprise Security will be generally available (GA) on April 30.
About Splunk Inc.
Splunk Inc. (NASDAQ: SPLK) provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. More than 9,000 enterprises, government agencies, universities and service providers in more than 100 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce cost. Splunk products include Splunk® Enterprise, Splunk Cloud™, Hunk®, Splunk Light™, Splunk MINT and premium Splunk Apps. To learn more, please visit http://www.splunk.com/company.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Light, Splunk Storm, SPL, Splunk MINT are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2015 Splunk Inc. All rights reserved.