RSA CONFERENCE 2016 - Splunk, Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that it is leading a new initiative to better combat advanced attacks with a unified defense. Splunk has developed the Adaptive Response Initiative to connect with a community of best-of-breed security vendors to improve cyber defense strategies and security operations. Founding participants of the Adaptive Response Initiative include Carbon Black, CyberArk, Fortinet, Palo Alto Networks, Phantom, Splunk, Tanium, ThreatConnect and Ziften. These companies will be demonstrating their adaptive response bi-directional integration with Splunk® software at RSA Conference 2016 in San Francisco today through Thursday, March 3.
“The mission of the Adaptive Response Initiative is to bring together the best technologies across the security industry to help organizations combat advanced attacks,” said Haiyan Song, senior vice president of security markets, Splunk. “Modern cyber threats are dynamic, and attackers are constantly finding new ways to get in and exploit networks and systems. This new challenge goes well beyond preventing individual stages of an attack. Adaptive Response aims to more effectively connect intelligence across best-of-breed technologies to help organizations improve their security posture, quickly validate threats, and systematically disrupt the kill chain.”
“The Adaptive Response Initiative is a welcome move to work on the speed and strength of threat detection and response by working to connect intelligence across security domains such as endpoints and networks,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Best-of-breed tools and products have done a good job so far and are still essential, but they are not designed to work well together out of the box. The Adaptive Response Initiative is determined to enable these discrete technologies to work together through a connected nerve system, like Splunk, with a goal of making security teams work faster, smarter and with more agility.”
“The Adaptive Response Initiative is an exciting step forward in helping enterprises defend against advanced attacks,” said Tobias Langbein, security architect, Swisscom. “We worked with Splunk on our Collaborative Security model, which shares a similar framework and approach of the Adaptive Response Initiative. Security teams must be quicker than ever in processing a vast number of alerts with accuracy, and we could no longer afford the manual method of coordinating across various siloes of security for incidence response within our environments.”
Unlike traditional approaches, an adaptive response model combines alert and threat information from multiple security domains and technologies. This collective insight enables security teams to make better-informed decisions across the entire kill chain, especially when validating threats and applying analytics-driven response directives to their security environment. All participants of the Advanced Response Initiative are committed to support a multi-layered security architecture to better connect intelligence across security technologies. Additionally, analytics-driven security can help organizations adapt and respond faster to threats. Interested parties can visit these members for a demonstration and presentation of the bi-directional capabilities with Splunk during RSA:
• Carbon Black (South Expo 1335 & 1535): See how Carbon Black is streamlining attack detection, disruption, and response, within the adaptive response framework.
• CyberArk (North Expo 4301): Learn how CyberArk delivers privileged access management and context within the adaptive response framework to help provide an effective attack response.
• Fortinet (Splunk Booth - North Hall 3321): Watch Ziften and Fortinet work together across endpoint and network to make adaptive response a reality.
• Palo Alto Networks (Splunk Booth - North Hall 3321): Watch live demonstrations of Palo Alto Networks adaptive response integration at work across multiple security domains.
• Phantom (South Expo 2621): See how Phantom security orchestration and playbook automation complement adaptive response.
• Tanium (Splunk Booth - North Hall 3321): Learn how Tanium is taking action to deliver new insights into security environments with adaptive response.
• ThreatConnect (North Hall 3027): Learn how to leverage customizable threat intelligence within the adaptive response framework.
• Ziften (North Hall 4904): Watch Ziften and Fortinet work together across endpoint and network to make adaptive response a reality.
Participants Respond to Adaptive Response Initiative
“Carbon Black is pleased to align with Splunk and join the Adaptive Response Initiative,” said Tom Barsi, senior vice president of business development, Carbon Black. “Enabling organizations to accelerate and automate their incident response processes is more important than ever. Integrating Carbon Black Enterprise Response with Splunk solutions within the Adaptive Response framework will help joint customers reduce dwell time and speed up incident response by providing them with better visibility and more context so they can respond to attacks faster and more efficiently.”
“CyberArk believes coordinated best-of-breed defense is an important step in effectively combatting the numerous and potentially devastating attacks that companies experience every day,” Adam Bosnian, executive vice president of global business development, CyberArk. “Privileged access management can prove vital to end-to-end security context and effective breach response. As an industry-leading solution for managing and controlling privileged access, CyberArk is excited to join the Adaptive Response Initiative.”
“Fortinet already developed strong bi-directional integrations with Splunk solutions based on requirements from joint customers, and we are excited to see the Adaptive Response Initiative,” said Chad Whalen, vice president of global strategic alliances and cloud, Fortinet. “Organizations are moving to multi-layered defense strategies that include internal segmentation and will increasingly require a coordinated approach, and we are pleased to be working with Splunk and other participants of the initiative to help customers better defend against advanced attacks.”
“Together, Palo Alto Networks and Splunk delivered innovation to customers by pioneering a bi-directional integration to help protect critical resources and prevent attacks,” said Chad Kinzelberg, senior vice president of Business and Corporate Development, Palo Alto Networks. “In fact, the Palo Alto Networks App for Splunk is among the top downloads in all of Splunkbase. As our customers are eager to use Palo Alto Networks within the Adaptive Response framework, we look forward to building on our longstanding strategic alliance with Splunk.”
“We’re very pleased to join Splunk’s Adaptive Response Initiative and believe in the importance of a collaborative, integrated ecosystem to drive detection and response,” said Oliver Friedrichs, Founder and CEO, Phantom. “By enabling organizations to streamline security operations, Phantom’s innovative technologies for playbook automation and security orchestration complement Splunk in accelerating incident triage and resolution, and support the mission of the Initiative to maximize security investments.”
“Splunk gets it right with the Adaptive Response Initiative. A collaborative open framework for the automation of security is the only way we can scale effectively, given the increasing volume of data from alerts, attacks, and other sources,” said Curt Aubley, vice president of strategic alliances and technology, Tanium. “Through our seamless integration with Splunk solutions, our mutual customers will have access to Tanium's 15-second visibility and control on all their devices to execute corrective actions, from the detection of threats and quarantining to patching and recovery.”
“ThreatConnect delivered bi-directional integration as part of the Adaptive Response Initiative so our mutual customers can realize the value of a collaborative approach to threat analysis,” said Adam Vincent, CEO, ThreatConnect. “Threat intelligence and threat data can provide key insights to help identify and disrupt attacks. We believe the Adaptive Response Initiative will help customers by sharing indicators of compromise generated by Splunk solutions across the broader community, thereby enabling security teams to be more unified and effective.”
“We are excited by the Adaptive Response Initiative and the opportunities it aspires to create for customers looking to develop a more comprehensive security policy,” said David Shefter, CTO, Ziften. “Ziften offers critical capabilities at the endpoint -- insights such as ZFlow and deep endpoint visibility offer tremendous security and business value, and even more so when delivered within the context of intelligence gathered from other important security technologies.”
About Splunk, Inc.
Splunk, Inc. (splunk.com) is the market-leading platform that powers Operational Intelligence. We pioneer innovative, disruptive solutions that make machine data accessible, usable and valuable to everyone. More than 11,000 customers in over 110 countries use Splunk software and cloud services to make business, government and education more efficient, secure and profitable.
Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Light, SPL and Splunk MINT are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2016 Splunk Inc. All rights reserved.
Investor Contact Information: Ken Tinsley - Splunk, Inc.
P: 415-848-8476 - E: ktinsley[.]splunk.com.