Splunk Security Cloud is a security platform that Eric Schou, head of security marketing at Splunk, says takes the same approach to security as the rest of Splunk: data first. It includes the security orchestration, automation and response (SOAR) software that Splunk acquired in its 2018 purchase of Phantom.
“Overall, Splunk is a data company. Splunk’s value around what it does for customers is bringing data, ingesting data, normalizing data, and making it actionable for customers, whether that’s security, whether that’s in the DevOps space, or core IT,” Schou said in an interview. “The company was really rooted in the IT space and then as the company evolved, there were things that maybe started as a use case like security, and then customers quickly realized that visualizing and having access and doing things like analytics on top of that data to quickly understand where they are, what they can do, and taking proactive measures to protect themselves was really good — more than a use case.”
#cloud services #security #cloud #splunk