From the SIEM to the Lake: Bridging the Gap for Splunk Customers Post-Acquisition

The smoke has cleared on Cisco's largest acquisition ever: that of Splunk for $28 billion in September.
This acquisition has added a new layer of uncertainty for users, many of whom were already wondering what the future holds for threat detection and response in the cloud.
The steep buyout premium reflects an expectation that customers will stick around and gain a preference for additional Cisco security products.
Organizations that spent years investing in Splunk infrastructure and content have good reasons to stay on.
They fear that severing ties with Splunk would wreak havoc on workflows that Security Operations Centers rely on to assess and mitigate security threats to the business.
Improved offerings from the cloud hyperscalers and advanced data lake offerings have kicked off a wave of SOC modernization initiatives.
Over the last few months since the acquisition of Splunk, we've been waiting for the other shoe to drop, and it finally has.
The technology, the leaders, everything now is shifting so that security teams can have a more open future - a future where they're not locked into a single SIEM, one with freedom for detections, and freedom for response.
From data pipelines to threat detection platforms, an unbundling is taking place.
Security organizations increasingly prioritize flexibility and optionality, driving demand for decoupled solutions.
Analytics separate from data storage, standard schemas and open table formats are all gaining mindshare.
Interest in decoupling threat detection from log storage is fueled by the huge difference in cost between data platform options.
Where tightly coupled SIEM solutions impose a steep ingest tax, cloud data lake options charge by usage and don't limit retention.
Use cases whose data can be analyzed outside the SIEM often see cost savings upwards of 80%. The combination of improved visibility and lower spend makes new data platforms appealing.
They are looking for ways to augment Splunk with data platforms that deliver efficiencies and support the latest machine learning.
In my experience working with customers at Snowflake, I saw the immediate impact when they could start using Snowflake alongside Splunk.
They no longer only had one option for their security data.
Security teams demand the liberty of choosing where their data lives and the flexibility to detect threats equally well across their SIEM and data lake of choice.
Omer Singer is the VP of Strategy at Anvilogic, where he helps customers break free from SIEM lock-in.
With an extensive background as the former Head of Cybersecurity Strategy at Snowflake and VP of Security Operations at a global MSSP, Omer brings over 15 years of experience and a belief in the power of better data to drive better security.


This Cyber News was published on www.cyberdefensemagazine.com. Publication date: Sat, 17 Feb 2024 18:43:05 +0000

