Splunk To Acquire Security Orchestration And Automation Response Software Provider Phantom Cyber


Printer-friendly version Email this CRN article

Machine data analytics software provider Splunk is acquiring Phantom Cyber Corp., a developer of security orchestration, automation and response (SOAR) software, for $350 million under a definitive agreement announced Tuesday.

The acquisition, expected to close in the first half of 2018, will extend Splunk's already-considerable capabilities in the IT security arena.

"Phantom's employees and technology significantly expand and strengthen Splunk's vision for the security nerve center and for business revolution through IT," said Doug Merritt, Splunk President and CEO, in a statement. "Splunk is committed to continuously pushing the limits of technology to help our customers get the answers they need from their data."

[Related: Splunk Steps Up SIEM Investigation Capabilities Of Its Enterprise Security System]

Security operations center analysts utilize SOAR systems to automate tasks, orchestrate workflows, improve collaboration and help organizations respond more quickly to security threats, according to Splunk.

Splunk's machine data analytics software is already used by many organizations as a component of their IT security systems, collecting data from systems and devices for threat analysis. The San Francisco-based company partners with a number of leading IT companies, including Cisco, Palo Alto Networks and Verizon, which leverage Splunk's software as part of their security offerings.

Splunk also markets its own Splunk Enterprise Security software for analytics-based SIEM (security incident and event management) software that runs on the Splunk Enterprise platform.

Security applications account for about 40 percent of Splunk's business and the acquisition of Palo Alto, Calif.-based Phantom will likely increase that.

Splunk said it will integrate Phantom's software with the Splunk platform to create a comprehensive SOAR system that SecOps teams can use to accelerate incident response, advance cyber defense and reduce organizational risk using analytics-driven security, and better manage security operations centers with reduced staffs.

Splunk is paying $350 million in cash and stock to buy Phantom, with the majority of the purchase price expected to be in cash, Splunk CFO Dave Conte said in a statement. The mid-2018 closing is subject to customary conditions and regulatory reviews.

Phantom CEO and founder Oliver Friedrichs will report to Haiyan Song, Splunk senior vice president and general manager of security markets.

Printer-friendly version Email this CRN article