Skip to main content

Public Sector

Defense and Intelligence Agencies

Bring data to every mission

Real-Time Situational Awareness for Missions

Defense and intelligence agencies are looking to embrace technologies that can offer a competitive advantage to ensure the success of their missions — be it protecting the homeland, keeping the peace in a war-torn country or delivering humanitarian relief. All four branches of the U.S. Military and many agencies in the intelligence community already use Splunk to make confident decisions and take decisive action at mission speeds.

In addition to meeting National Information Assurance Partnership (NIAP) Common Criteria certification, Splunk Cloud Platform has recently achieved US Department of Defense Provisional Authorization at Impact Level 5. Splunk Cloud Platform with DoD Impact Level 5 authorization is available for sale now, with Defense network (NIPRnet) connectivity coming soon. Splunk Cloud Platform proudly meets FedRAMP security standards at the Moderate Impact Level, accelerating time-to-value. The Splunk Cloud FedRAMP service also meets U.S. Persons requirements under ITAR and is ISO 27001 certified.

With Splunk you can:


See how Mitre discovers threats by monitoring behaviors and endpoints, and how they share obtained analytics.


promo-mitre promo-mitre


Traditional perimeter-based defense approaches are ill-equipped to handle today's security threats from nation states, sophisticated cyber criminals and insiders. Siloed products and a skills and resource shortage are compounding the challenge. Agencies require Splunk's analytics-driven security approach to quickly determine malicious activity and enable fast incident response through an intuitive, integrated interface.

/incident-response /incident-response

Insider Threats

The need to detect insider threats has forced agencies to look for new ways to understand complex user behavior. Knowing the difference between willful acts and innocent mistakes requires understanding when user activity is abnormal in the broader context of employee behavior.

Identifying activities that are unauthorized or suspicious is done through the use of Splunk's statistical analysis commands on very large data volumes. Using statistical analysis, personal-activity comparative analysis, and user-activity context analysis, Splunk technology can correlate these key data types with user activities to provide a more complete story around suspected malicious behavior.

insider-threat insider-threat

Internet of Things and the Data-Driven Battlefield

The Army has started testing TALOS (Tactical Assault Light Operator Suit) in the field for deployment in 2018. Sensor data from the suit can provide information on the operating status of suit hydraulics and batteries. Next steps often discussed include monitoring soldier vital signs and hydration. Learn how Splunk enables concepts such as smart soldiers and connected vehicles that can provide real-time situational awareness and accelerate mission operational efficiencies.

data-driven-battlefield data-driven-battlefield
What can you do with Splunk?