SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Splunk named a leader in 2022 Gartner Magic Quadrant
Mon, 17th Oct 2022

Splunk has announced it has been named a leader in the 2022 Gartner Magic Quadrant for Security Information and Event Management (SIEM) for the 9th time in a row. Additionally, in the recently released Gartner Market Share: All Software Markets, Worldwide 2021 report, Splunk ranked number 1 in SIEM market share. 

“We are honored to be recognised across these reports, and we thank our customers and partners for making this recognition possible,” says Patrick Coughlin, Vice President of GTM Strategy and Specialisation, Splunk. 

“We believe our position in the Leaders quadrant for the last nine times is a testament to our commitment to deliver a security analytics solution that accelerates threat detection and investigation, mitigates risk and protects your business.”  

Splunk has continued to innovate its flagship security solution, Splunk Enterprise Security, and the rest of the organisation’s integrated security portfolio. Major products and features of the Splunk security portfolio include: 

  • Splunk Enterprise Security: Organisations can assess risk-based alerting that transforms large volumes of noisy alerts into fewer high-fidelity incidents. By grouping related events into a single incident, organisations can drive faster investigation and resolution, giving security teams time back in their day and more control over security operations. 
  • Splunk Intelligence Management (formerly TruSTAR): This integration delivers threat intelligence enrichment to help organisations quickly understand threat context, prioritise triage, and accelerate investigations and response. 
  • Splunk SOAR Cloud: This cloud-managed solution delivers orchestration and automation for faster investigations and responses. With over 100 out-of-the-box automation playbooks, security teams can automate their most routine tasks. 
  • Splunk Enterprise 9.0 and Splunk Cloud Platform: Recently released innovations such as ingest actions, federated search, and data manager are helping to supercharge security use cases such as detecting advanced threats, investigation, and threat hunting. 
  • Splunk Threat Research Team (STRT): Threat research and detections gathered and developed by the STRT fuel Splunk Security products, helping organisations stay one step ahead of emerging threats. With the information provided by STRT, organisations can achieve faster time to value and increased threat visibility, and can quickly remediate threats using pre-packaged detections, machine-learning models and responses. 

“This is an excellent tool for machine generated data monitoring, analysis and visualisation. Administration is very easy and reduces the risk of security staff addressing security incidents. It provides an enhanced graphical user interface so that the end user can easily navigate through the tool. This tool is able to monitor the logs of end devices more deeply with each event that is triggered in the console, which helps in monitoring. It is very useful for generating reports on reported logs and security issues, which will be easy to extract and monitor offline for convenient use. Provides integration support for almost all security devices available on the market. Allows users to access all log sources from a single box,” says a user of Splunk.