Splunk SOAR Customer Testimonials

What our customers say about Splunk SOAR



Splunk Customer Fact

A medium enterprise computer software company was able to immediately automate multiple security workflows after deploying Splunk SOAR.

Splunk Customer Fact

A federal government organization said, “We save time triaging our most repetitive, basic security tasks by using automated security workflows; and, we have reduced our mean time to respond to security incidents.”

Splunk Customer Fact

Since using Splunk SOAR, a federal government organization is 2 times faster at responding to security events.

Splunk Case Study

A Medium Enterprise Computer Software Company Saves Up To $1 Million in Analyst Time Using Splunk SOAR

Introduction

This case study of a medium enterprise computer software company is based on a March 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Before implementing Splunk SOAR, the medium enterprise computer software company was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows

Use Case

The software company rated these Splunk SOAR features and functionalities superior when compared to other SOAR vendors/solutions:

  • Alert, Event & Case Management
  • Team Collaboration on Events and Cases
  • Ease of Use
  • Ability to Automate Our Key Use Cases
  • Ability to Integrate with Our Key Technologies
  • Building and Deploying Playbooks
  • Visualization with Dashboards and Reporting

In addition to rating Splunk SOAR's integration with the Splunk Enterprise and Cloud Platforms and with Splunk Enterprise Security (SIEM) as highly valuable, the company reported significant increases in speed and efficiency when automating the following use cases:

  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • Ad-Hoc Threat Hunting

Results

The surveyed company was able to immediately automate multiple security workflows after deploying Splunk SOAR, and said it had reduced mean time to respond to security incidents. The company confirmed that since using Splunk SOAR, its team is 5 times faster at responding to security events, and that it achieved savings of up to $1 million in its first 12 months of use (based on analyst time saved).

Splunk Case Study

Fortune 500 Telecommunications Services Company Automates Numerous Security Workflows, Sees Quick ROI Using Splunk SOAR

Introduction

This case study of a Fortune 500 telecommunications services company is based on a March 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk SOAR:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Addressing a lack of personnel on our security staff
  • Measuring the effectiveness of our security operations

Use Case

The Fortune 500 Telecommunications Services Company stated that the following were valuable:

  • Splunk Enterprise Platform
  • Splunk Cloud Platform
  • Splunk Enterprise Security (SIEM), and
  • Splunk User Behavior Analytics (UBA)

The profiled company also rated the following features as significantly better than competitive offerings:

  • Alert, Event & Case Management
  • Team Collaboration on Events and Cases
  • Ease of Use
  • Ability to Automate Our Key Use Cases
  • Ability to Integrate with Our Key Technologies
  • Building and Deploying Playbooks
  • Visualization with Dashboards and Reporting

Results

The surveyed company achieved the following results with Splunk:

  • Able to automate multiple security workflows within the first 3 months after deploying Splunk SOAR.
  • Agreed with the following:
    • We are more proactive and focused on mission-critical objectives.
    • We save time triaging our most repetitive, basic security tasks by using automated security workflows.
    • We are more efficient, productive, and can do more with the staff we already have.
    • We better measure our security operations with improved reporting.
    • We improved our ability to collaborate and align responses to prioritized risks.
    • We have reduced our mean time to respond to security incidents.
  • Confirmed that since using Splunk SOAR, they are 5 times faster at responding to security events (e.g. a workflow that took us 30 minutes to complete now takes 6 minutes).
  • In their first 12 months of using Splunk SOAR, they experienced up to $500,000 in savings based on analyst time saved alone.

Splunk Customer Testimonial

Being able to use adaptive response to send notables to our case management platform is very important. Our GSFC is silo’d, so we rely on Splunk to create dashboards that communicate important metrics to other teams.

Sabrina C, Incident Responder, Financial Services - Insurance

Splunk Customer Satisfaction Rating

Sabrina C, an Incident Responder in Financial Services – Insurance, would be very likely to recommend Splunk for this reason:

Using Splunk SIEM mostly for querying indexes makes my job so much easier when I don’t have to log into so many different tools. I am an IH/IR employee and I rely on Splunk SOAR to triage alerts. It is invaluable, since it would take a longer time to respond with manual case creation.

Splunk Customer Fact

Since using Splunk SOAR, a medium enterprise financial services company is 10x faster (e.g. a workflow that took 30 minutes to complete now takes 3 minutes) to respond to security events.

Splunk Customer Fact

A medium enterprise financial services company said that, due to using Splunk SOAR, it is:

  • More proactive and focused on mission-critical objectives.
  • Saving time triaging its most repetitive, basic security tasks by using automated security workflows.
  • More efficient, productive, and can do more with the staff it already has.
  • Better able to measure security operations with improved reporting.
  • Better able to collaborate and align responses to prioritized risks.
  • Benefiting from reduced mean time to respond (MTTR) to security incidents.

Splunk Customer Fact

Since using Splunk SOAR, Hurricane Labs is 60x faster (e.g. a workflow that took us 30 minutes to complete now takes 30 seconds) to respond to security events.

Splunk Case Study

Genesys S.A. Automates Multiple Security Workflows within 3 Months of Deploying Splunk SOAR

Introduction

This case study of Genesys S.A. is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

Before implementing Splunk SOAR, Genesys S.A. was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows
  • Measuring the effectiveness of our security operations

Use Case

Genesys S.A. rated Splunk SOAR on the following feature areas when compared to other SOAR vendors/solutions:

  • Superior for alert, event and case management and visualization with dashboards and reporting
  • Significantly better for team collaboration on events and cases, along with ease of use
  • Better for ability to automate key use cases, integration with key technologies, and building and deploying playbooks

Genesys S.A. saw an increase in speed and efficiency when automating the following use cases through Splunk SOAR:

  • Ransomware Investigations
  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • User-reported Anomaly Investigations
  • Ad-Hoc Threat Hunting

Genesys S.A. rates the integration between Splunk SOAR and other Splunk products as valuable to its overall security operations. The integration with Splunk Enterprise Platform and Splunk Enterprise Security was highly valuable to Genesys, according to Security Officer Umesh Chandra Reddy Gangadasari.

Results

Genesys was able to automate multiple security workflows within 3 months after deploying Splunk SOAR, and agreed with the following statements:

  • We save time triaging our most repetitive, basic security tasks by using automated security workflows.
  • We are more efficient, productive, and can do more with the staff we already have.
  • We improved our ability to collaborate and align responses to prioritized risks.

Gangadasari confirmed that since using Splunk SOAR, they are 2x faster (e.g. a workflow that took us 30 minutes to complete now takes 15 minutes) to respond to security events, and in their first 12 months of using Splunk SOAR, they experienced up to $500,000 in savings based on analyst time saved.

Splunk Case Study

Hurricane Labs Responds to Security Events 60x Faster Due to Splunk SOAR

Introduction

This case study of Hurricane Labs is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

Before implementing Splunk SOAR, Hurricane Labs was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Creating standardized security workflows
  • Measuring the effectiveness of our security operations
  • Collaborating on prioritized responses as a team
  • Slow mean time to respond to security incidents

Use Case

Hurricane Labs agreed that it is:

  • More proactive and focused on mission-critical objectives
  • Saving time triaging its most repetitive, basic security tasks by using automated security workflows
  • More efficient, productive, and can do more with the staff it already has
  • Better able to measure security operations with improved reporting
  • Better able to collaborate and align responses to prioritized risks
  • Experiencing reduced mean time to respond to security incidents

Results

Hurricane Labs confirmed that since using Splunk SOAR, it is 60x faster (e.g. a workflow that took us 30 minutes to complete now takes 30 seconds) to respond to security events.