Splunk
Inc., first in delivering "aha" moments from machine
data, today announced a definitive agreement to acquire Phantom Cyber
Corporation, a leader in Security Orchestration, Automation and Response
(SOAR). Under the terms of the agreement, Splunk will acquire Phantom
for a total purchase price of approximately $350 million, subject to
adjustment, to be paid in cash and stock. The acquisition is expected to
close during the first half of 2018, subject to customary closing
conditions and regulatory reviews. Oliver Friedrichs, Founder and CEO,
Phantom will report to Haiyan Song, senior vice president and general
manager of security markets, Splunk.
"Phantom's employees and technology significantly expand and strengthen
Splunk's vision for the security nerve center and for business
revolution through IT," said Doug Merritt, President and CEO, Splunk.
"Splunk is committed to continuously pushing the limits of technology to
help our customers get the answers they need from their data. I am very
excited to reach this definitive agreement with Phantom and look forward
to welcoming the team to Splunk."
"Sourabh Satish and I founded Phantom to give SOC analysts a powerful
advantage over their adversaries, a way to automatically and quickly
resolve threats," said Oliver Friedrichs, Founder and CEO, Phantom.
"Combining SOAR with the industry's leading big data platform is a
revolutionary advance for security and IT teams and will further cut
down the time it takes them to eliminate threats and keep the business
running. We are thrilled to empower Splunk customers to solve these
important challenges."
Analytics-Driven Security and SOAR
SOAR platforms improve the efficiency of security operations by
automating tasks, orchestrating workflows, improving collaboration, and
enabling organizations to respond to incidents at machine speed.
According to Gartner*, "By year-end 2020, 15% of organizations with a
security team larger than five people will leverage SOAR tools for
orchestration and automation reasons, up from less than 1% today."
Customers will be able to use Splunk® technology for orchestration and
automation as an integral part of their Security Operations Center (SOC)
platform to accelerate incident response while addressing the skills
shortage. The combination will help SecOps teams to:
- Advance cyber defense and reduce organizational risk using
analytics-driven security
- Respond faster by accelerating incident response
- Work smarter and reduce staffing and skills challenges
Automation Beyond Security
Once integrated with the Splunk platform, IT teams will be able to
leverage these automation capabilities to help solve automation
challenges in a widening range of use cases, including Artificial
Intelligence for IT Operations (AIOps). According to Gartner, "By
2022, 40% of all large enterprises will combine big data and machine
learning functionality to support and partially replace monitoring,
service desk and automation processes and tasks, up from 5 percent
today."