Splunk, Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has acquired Caspida, Inc., a leading innovator in machine learning and behavioral analytics. Under the terms of the agreement, Splunk has acquired all of the outstanding stock of Caspida for an aggregate purchase price of approximately $190 million, including approximately $127 million in cash and $63 million in restricted Splunk securities.
The combination of Splunk® and Caspida™ technology revolutionizes the security market by unifying world-class breach response with breach detection. Recent high-profile breaches show virtually all attacks happen with compromised credentials, and automated detection leveraging machine learning is the future for detecting known and unknown threats from insider and external attackers. Splunk customers now have out-of-the-box user behavioral analytics to help detect, respond to and mitigate these threats. This combination of Splunk’s leading machine data platform with Caspida software provides the most comprehensive security analytics solution available today.
“Splunk built its reputation in security by enabling customers to more effectively respond to breaches. With this acquisition, our customers can now also better detect advanced threats - the breaches that are becoming more complex and severe with each passing day,” said Haiyan Song, senior vice president of security markets, Splunk. “With Caspida, Splunk accelerates its focus on solving advanced threats - both external and from insiders - by shining a light on those who are wrongfully using valid credentials to freely and unpredictably exploit systems they have accessed. By addressing the entire lifecycle of known and unknown advanced threats, and by providing a platform to detect, respond to, and automate actions, Splunk has further reinforced its position as the security nerve center.”
Attacks with trusted access are often not detected by existing security approaches. Whether gaining access through compromised accounts/systems or leveraging existing privileges to conduct malicious activities, attackers often do not need to deploy additional malware. These activities are dynamic and attackers will find ways to evade traditional security technologies. Even if detected, security analysts must find supporting evidence, often using a kill chain methodology to identify the progression of activities from intrusion to lateral movement to exfiltration. Caspida has innovated the use of data science and machine-learning algorithms to detect advanced threats and malicious insiders - presenting the most meaningful set of threats for SOC analysts and incident responders.
“We founded Caspida with a vision of applying data science to help solve the most pressing cybersecurity challenges - advanced threats and insider threats,” said Muddu Sudhakar, CEO, Caspida. “By analyzing machine data and using data science to detect meaningful anomalous behavior of users, devices and entities, Caspida has solved a problem that previously required significant manpower and expensive, do-it-yourself toolsets. We are very excited to join the Splunk family and deliver new detection capabilities to customers.”
Key capabilities of the combination of the Splunk and Caspida solutions include the ability to:
• Detect Advanced, Hidden and Insider Threats Out-of-the-Box Using Data Science
- Continuous threat and anomaly detection that applies multi-domain analysis using machine learning.
- Uncovers hidden breaches and new attacks out-of-the-box without extensive customization.
• Improve Threat Detection with Targeted Incident Response
- Provides threat activities relative to the kill chain with supporting evidence to enable targeted remediation.
- Detects multi-domain (user, device and traffic applications) anomalies and streamlines threat review and incident resolution.
• Dramatically Increase SOC Efficiency
- Scores and highlights the most important threats and anomalies to minimize alert fatigue.
- Detects and provides insights on threats and suspicious activities to complement and extend threat intelligence.
“The majority of purchase price consideration will be paid from our existing cash. Total equity consideration plus Caspida employee retention incentives will result in less than 1 percent total dilution from this transaction,” said Dave Conte, chief financial officer, Splunk. “Operationally, we plan to spend this year integrating the technology and expect it to contribute to top line revenues next year. We will absorb the expense base of Caspida this year, and we reaffirm our current full fiscal year 2016 revenue, non-GAAP operating margin, and operating cash flow guidance.”
Safe Harbor Statement
This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding the expected benefits of the acquisition of Caspida, the impact of the acquisition on Splunk’s products and services, the capabilities of Caspida’s products and services, the impact of the acquisition on Splunk’s financial condition, Splunk’s revenue, non-GAAP operating margin and cash flow targets for fiscal year 2016, and expected dilution to Splunk stockholders. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release, including: difficulties encountered in integrating merged businesses and technologies; costs related to the acquisition; market acceptance of the acquisition and resulting products and services; Splunk’s limited operating history and experience developing and introducing new products; Splunk’s inability to realize value from its significant investments in its business, including product and service innovations; and general market, political, economic and business conditions.
Additional information on potential factors that could affect Splunk’s financial results is included in the company’s Quarterly Report on Form 10-Q for the quarter ended April 30, 2015, which is on file with the U.S. Securities and Exchange Commission. Splunk does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
About Splunk, Inc.
Splunk Inc. (splunk.com) provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. More than 9,500 enterprises, government agencies, universities and service providers in more than 100 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce cost. Splunk products include Splunk® Enterprise, Splunk Cloud™, Hunk®, Splunk Light™, Splunk MINT and premium Splunk Apps.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Storm, SPL, Splunk MINT Express and Splunk MINT Enterprise are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2015 Splunk Inc. All rights reserved.
Investor Contact Information: Ken Tinsley - Splunk, Inc.
P: 415-848-8476 - E: ktinsley[.]splunk.com.