SOC, SOAR, SIEM, MSP, MSSP

Security Update: Splunk Advances SOC Technology

Share
Credit: Adobe Stock Images
  • The High Cost of Downtime and How to Reduce It
  • Splunk Product Innovations: Powering the SOC of the Future
  • Splunk + Cisco Reveal Expanded Partnership Program

Each week ChannelE2E brings you the top security news compiled by our affiliate site MSSP Alert because we know how important cybersecurity is to managed service providers.

This week it feels like a Splunk takeover. MSSP Alert recently traveled to the Splunk user and global partner summit to gather news about this cybersecurity and observability provider’s technology, channel partner program and ongoing integration with its acquirer, Cisco.

Check out our full reports here.

The High Cost of Downtime and How to Reduce It

When digital networks fail due to a security incident or other type of IT outage, the cost can be huge, the negative impact to a company’s reputation notwithstanding.

Splunk has calculated downtime for the Global 2000 companies at $400 billion annually, or 9% of their profits. Those findings come via “The Hidden Costs of Downtime” report that Splunk released during its .conf24 event held recently in Las Vegas, Nevada.

Produced in collaboration with Oxford Economics, the analysis revealed that the consequences of downtime go beyond immediate financial costs. There can also be a lasting toll on a company’s shareholder value, pace of innovation and customer trust.

The report surveyed 2,000 executives from the largest companies worldwide (Global 2000) and showed downtime causes both direct and hidden costs.

Read the complete story here.

Splunk Product Innovations: Powering the SOC of the Future

Splunk’s .conf24 event in Las Vegas last week was an occasion to unveil several new security innovations aimed at helping its 2,200-plus partner ecosystem of MSPs, MSSPs and cybersecurity vendors advance threat detection, investigation and response (TDIR) and security operations across multiple data sources.

These innovations are crucial to powering the security operations center (SOC) of the future, according to Splunk executives.

Among the advancements is Splunk Enterprise 8.0, which empowers security teams to proactively manage and mitigate risks. With standardized terminology and unified automation via Splunk SOAR, Splunk said that Enterprise Security 8.0 improves the SOC workflow experience. The new version also integrates cloud-native Mission Control simplifying how quickly and productively security analysts can detect, investigate and respond to threats.

Mike Horn, senior vice president and general manager of Splunk Security Products, said the latest advancements in Splunk Enterprise Security 8.0 revolutionize the TDIR lifecycle experience for analysts.

“Featuring a seamless investigation and case management solution that includes integrated automation with Splunk SOAR, our latest release empowers SOC teams to navigate the complexities of cybersecurity with efficiency,” Horn said. “Splunk Enterprise Security 8.0 serves as a foundation for the SOC of the future, driving proactive defense in an ever-evolving threat landscape.”

Other advancements include federated analytics that are integrated with Amazon Security Lake, data management innovations, and advancements of AI within integrated Splunk and Cisco technologies.

Read the complete story here.

Splunk + Cisco Reveal Expanded Partnership Program

Partnerships are a key part of Splunk’s business. In fact, 90% of the cybersecurity company’s revenues are impacted by its partnerships, according to channel chief Gretchen O’Hara, vice president of Worldwide Partners & Alliances. She said this during her keynote at the company's Global Partner Summit at Splunk .conf24 in Las Vegas.

Cultivated and maintained through the Partnerverse program, Splunk’s partnerships — especially its MSP and MSSP relationships — are as much key to the success and growth of the company as the technology innovation it shares with Cisco, which purchased Splunk in September 2023 for $28 billion.

Partners including MSSPs and MSPs have been keeping a close eye on Splunk and Cisco's partner program integration on the months since the acquisition. Some analysts have said it will take 18 months to 2 years before a completely integrated partner program emerges. Meanwhile, the organizations are moving in the direction of having the sum be greater than the separate parts with executives from each company signaling cooperation and plans ahead.

In terms of cybersecurity technology, Splunk and Cisco both offer a host of technologies for MSPs and MSSPs -- a key result of the merger being the integration of Splunk Enterprise for Security with Cisco XDR.

O’Hara was joined on stage by Cisco go-to-market president and Splunk GM Gary Steele and Cisco CEO and Chair Chuck Robbins to reinforce the importance of partnerships to the “Splunkers” in attendance. Together, they touted Splunk’s modernization of its Partnerverse program, including an open platform commitment and an “enhanced partner-led culture” across Splunk and Cisco.

Read the complete story here.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.