Machine data analytics company Splunk has acquired security orchestration firm Phantom Cyber Corporation.
Phantom is more widely known as a SOAR player – Security, Orchestration, Automation and Response (SOAR).
Splunk CEO Doug Merritt is on the record with the customary niceties designed to resonate with similar platitudes from Oliver Friedrichs in his capacity as founder and CEO of Phantom.
Both chiefs have suggested that Splunk plus Phantom is a positive for software engineers involved with security orchestration.
It is, in effect, big data plus SOAR.
SOAR, at machine-speed
SOAR platforms bid to improve the efficiency of security operations by automating tasks, orchestrating workflows, improving collaboration and enabling security software/data developers and their operations counterparts to respond to incidents ‘at machine speed’, as they say.
According to the magical box-loving analysts at Gartner, by year-end 2020, 15% of organisations with a security team larger than five people will be using SOAR tools for orchestration and automation reasons – and that’s up from less than 1% today in 2018.
According to a press statement, “Customers will be able to use Splunk technology for orchestration and automation as an integral part of their Security Operations Center (SOC) platform to accelerate incident response while addressing the skills shortage.”
Splunk now talks about using automation capabilities to help solve automation challenges in a widening range of use cases, including Artificial Intelligence for IT Operations (AIOps).