Analytics-Driven Security

Today’s enterprise requires big data security solutions that can adapt to advanced threats and changing business demands. Simple monitoring of traditional security events is no longer enough. Security practitioners need broader insights from new data sources generated at massive scale across IT, the business and in the cloud.

Staying ahead of external attacks, malicious insiders and costly fraud demands continuous security and compliance monitoring, fast incident response and the ability to detect and respond to known, unknown and advanced threats.

Splunk® security solutions enable organizations to detect, respond to and prevent these threats by providing valuable context and visual insights to help you make faster and smarter security decisions. Splunk enables analytics-driven security.

Get Started
  • Video: Why Splunk for Security
  • Solution Guide: Splunk for Security
  • Technical Brief: Using Splunk Software as a SIEM
  • Technical Brief: Building a SOC with Splunk
  • Ebook (registration required): Splunk and the CIS Critical Controls
  • Resources: Security and Fraud Use Cases
  • Demo: Security Investigation
Splunk Premium Solution

SIEM and Beyond

Splunk Enterprise Security

Splunk Enterprise Security is the industry-leading security intelligence platform that addresses Security Information and Event Management (SIEM) use cases. It provides pre-packaged dashboards and correlations, reports, incident response workflows and visualizations to increase the effectiveness and efficiency of security teams.


Security Solutions

Adaptive Response Initiative

The Splunk-led Adaptive Response Initiative connects a community of best-of-breed security vendors to improve cyber defense strategies.






Advanced Threat Detection

Trace the stages of the kill chain by finding relationships using any field across any data over any timeframe.



Provide greater levels of automation and perform continuous monitoring of compliance and regulatory mandates.


Fraud and Theft

Search and pivot through real-time or historical data to research and detect fraud or theft and pinpoint abuse.


Insider Threats

Use Splunk to detect malicious employees and other insider threats before they can steal, misuse or damage confidential data.


Security Investigation

Splunk enables security analysts to take a proactive stance to investigation and response – from monitoring and triage, verifying and escalating, to responding to a breach or infection.


User Behavior Analytics

Detect cyber-attacks and insider threats with a solution that leverages data science and machine learning.




Uses Splunk Enterprise to quickly mitigate advanced persistent threats (APTs) and meet security regulations.



City of Los Angeles

Deployed a Splunk SIEM solution to enhance detection of and response to cyberthreats and intrusions.



AAA Western & Central NY

Uses Splunk Cloud to deliver operational improvements and security intelligence while reducing operational complexity.


Related Apps and Add-Ons

There are currently over 600 add-ons and apps built by Splunk, its partners or community members that provide data input solutions, reports, dashboards, correlations, and utilities for a wide range of functions. These apps and add-ons provide visibility into functional technologies such as intrusion prevention, payload analysis, access control, identity management, threat intelligence, messaging, endpoint threat defense and response. You will also find apps for the management of vendor-specific technologies that provide access to a wide range of utilities for visualizations, geo-location mapping, analytics and enterprise integration. See our complete listing of apps and add-ons on Splunkbase.

Splunk App for Stream

Capture, analyze and correlate network wire data with other log and machine data in Splunk® Enterprise.

Splunk App for Windows Infrastructure

Collect Windows endpoint data including file, process, network and host activity and WMI data.

Splunk DB Connect

Get business and enterprise context such as customer, product and HR data using real-time integration into traditional relational databases.

Splunk App for CEF

Expand capabilities of legacy log management and SIEM solutions by mapping Splunk fields to Common Event Format (CEF) fields.

Splunk App for Unix and Linux

Get information about processes, the files they open, user attributes and statistics such as last login times and other security-related information.

Splunk App for Microsoft Exchange

Gain real-time visibility into the entire email service to monitor and detect anomalies in email transmission and supporting service components as well as keep track of user behavior.

Security Technology Provider Apps

Over 400 security apps and add-ons developed by Splunk, its partners or community members are available to provide fast insights into many of the industry’s leading security technologies. These apps and add-ons extend the power of Splunk security solutions by enhancing security protection for threat intelligence, network security, endpoint security and activity, malware and payload analysis, and identity and authentication, including environmental, physical and spatial technologies. A complete listing of Splunk apps and add-ons is available on Splunkbase.

Splunk Add-On for Cisco ASA

Palo Alto Networks Add-On for Splunk

Splunk Add-On for Amazon Web Services

Fortinet FortiGate App for Splunk

Splunk Add-On for Blue Coat ProxySG

Splunk Add-On for Tenable

Splunk Add-On for NetFlow

Verizon Data Breach Investigations Report

Tanium Splunk Application

Ziften for Splunk

Proofpoint Protection Server TA for Splunk

Splunk Add-On for CyberArk

Ask a Security Expert

Girish Bhat



Expertise: Using Splunk for security, compliance and anti-fraud/theft/abuse use cases. Includes how to use Splunk as a SIEM or to power a SOC.
