TechValidate Research on Splunk


Splunk Case Study

A Medium Enterprise Educational Institution Company Benefits from Splunk plus AWS

Introduction

This case study of a medium enterprise educational institution company is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Because of Splunk, now we have a centralized logging system that—in case of an error—we can just specify the time and see all the issues that happened from different tools we use in our production platform.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk:
    • Accessing, ingesting, searching and/or monitoring siloed data across organization

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to the organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to stream unstructured data from all systems, devices and people
  • The Splunk products the organization is currently using:
    • Splunk Cloud Platform
  • Splunk’s cloud service provider partners they work with:
    • Amazon Web Services (AWS)
  • Why they chose Splunk on CSP:
    • Easy procurement through Marketplace

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Reduced time spent on administrative tasks, freeing up time for other priorities
  • They agree that Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
  • They saw a return on their investment in Splunk within 1-6 months.
  • Rates Splunk superior on the following compared to other solutions:
    • Powerful searching, reporting and analyzing capabilities
    • Stream unstructured data from all systems, devices and people
    • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
    • React quickly using descriptive, predictive and prescriptive analytics
    • Highly secure environment that meets rigorous security and compliance standards
  • Rates significant improvements in the following areas since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Reduce time spent on administrative tasks, freeing up time for other priorities
    • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud
    • Reduce downtime, keeping mission-critical applications and infrastructure up and running
    • Achieve faster time to market for new apps, improving developer efficiency

Splunk Case Study

An S&P 500 Telecommunications Services Company Improved Its Security Posture

Introduction

This case study of an S&P 500 telecommunications services company is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“We have accelerated in improving our security posture and now have unified visibility across our cloud environments.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk:
    • Accessing, ingesting, searching and/or monitoring siloed data across organization
    • Issues maintaining compliance/meeting security standards

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to the organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to automate critical security tasks
    • Ability to stream unstructured data from all systems, devices and people
    • Ability to react quickly using descriptive, predictive and prescriptive analytics
  • The Splunk products the organization is currently using:
    • Splunk Cloud Platform
    • Splunk SOAR
  • Splunk’s cloud service provider partners they work with:
    • Amazon Web Services (AWS)
    • Google Cloud (GCP)
  • Why they chose Splunk on CSP:
    • Integrations with CSP services/solutions
    • Critical security insights across multi cloud/hybrid cloud environment

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Modernized and strengthened our cyber defenses to lower the risk of data breach, IP theft and fraud
  • They agree with the following statements after using Splunk:
    • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
    • Splunk has enabled us to more easily migrate to the cloud, supporting the strategic direction of our organization.
    • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
    • We can now investigate faster and answer any questions about our business, saving valuable time and effort.
  • They saw a return on their investment in Splunk within 1-6 months.
  • Rates Splunk on the following compared to other solutions:
    • Powerful searching, reporting and analyzing capabilities: Superior
    • Stream unstructured data from all systems, devices and people: Significantly Better
    • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery: Significantly Better
  • Rates improvements in the following areas since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time: Improved
    • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud: Significantly Improved

Splunk Case Study

Prudential Financial, Inc. Improves Event Response Time Using Splunk

Introduction

This case study of Prudential Financial, Inc. is based on a September 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“We’ve improved response times to events since using Splunk.” — Cyber Security Operations Specialist, Prudential Financial, Inc.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk:
    • Too much time/resources on time-consuming admin tasks instead of high-value use case delivery
    • Issues maintaining compliance/meeting security standards
    • Preventing unplanned downtime and improving mean-time-to-resolve (MTTR) problems

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to the organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to automate critical security tasks
    • Ability to stream unstructured data from all systems, devices and people
    • Ability to reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
    • Ability to react quickly using descriptive, predictive and prescriptive analytics
    • Highly secure environment that meets rigorous security and compliance standards
    • Predictable pricing that aligns with value and scales with their business
  • The Splunk products the organization is currently using:
    • Splunk Cloud Platform
    • Splunk SIEM
    • Splunk SOAR
    • Splunk Real User Monitoring
    • Splunk Infrastructure Monitoring
  • Splunk’s cloud service provider partners they work with:
    • Amazon Web Services (AWS)
    • Microsoft Azure BYOL
  • Why they chose Splunk on CSP:
    • Migration from Splunk Enterprise to Splunk Cloud
    • Simplified monitoring for complex environments
    • Critical security insights across multi cloud/hybrid cloud environment
    • Already with CSP that supported Splunk Cloud

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization experienced since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Easier onboarding of new teams and improved end user workflow
    • Faster time to market for new apps, improving developer efficiency
  • They agree with the following statements after using Splunk:
    • Splunk has enabled us to more easily migrate to the cloud, supporting the strategic direction of our organization.
    • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
    • Splunk full-stack observability integrates with other observability tools to provide logs, metrics, user data (RUM), and more all in one interface.
  • They saw a return on their investment in Splunk within 7-12 months.
  • Rates Splunk on the following compared to other solutions:
    • Powerful searching, reporting and analyzing capabilities: Significantly Better
    • Stream unstructured data from all systems, devices and people: Superior
    • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery: Significantly Better
    • React quickly using descriptive, predictive and prescriptive analytics: Significantly Better
    • Highly secure environment that meets rigorous security and compliance standards: Superior
  • Rates improvements in the following areas since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time: Significantly Improved
    • Reduce time spent on administrative tasks, freeing up time for other priorities: Improved
    • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud: Improved
    • Reduce downtime, keeping mission-critical applications and infrastructure up and running: Improved
    • Achieve faster time to market for new apps, improving developer efficiency: Improved

Splunk Case Study

Cultureamp Uplevels Its Monitoring Capabilities with Splunk

Introduction

This case study of Cultureamp is based on a September 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk has helped us improve our monitoring capabilities by providing the visibility of various data sources. Splunk’s out-of-the-box alerts and dashboards have helped us gain valuable insights.” — Sagar K, Senior Security Analyst, Cultureamp

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk:
    • Accessing, ingesting, searching and/or monitoring siloed data across organization
    • Preventing unplanned downtime and improving mean-time-to-resolve (MTTR) problems
    • Issues with pricing/affordability of quality SaaS

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to the organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to automate critical security tasks
    • Ability to stream unstructured data from all systems, devices and people
    • Ability to react quickly using descriptive, predictive and prescriptive analytics
  • The Splunk products the organization is currently using:
    • Splunk Cloud Platform
    • Splunk SIEM
  • Splunk’s cloud service provider partners they work with:
    • Amazon Web Services (AWS)
  • Why they chose Splunk on CSP:
    • Migration from Splunk Enterprise to Splunk Cloud

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Reduced time spent on administrative tasks, freeing up time for other priorities
    • Easier onboarding of new teams and improved end user workflow
    • Reduced downtime, keeping mission-critical applications and infrastructure up and running
  • They agree with the following statements after using Splunk:
    • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
    • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
  • They saw a return on their investment in Splunk within 1-6 months.
  • Rates Splunk on the following compared to other solutions:
    • Powerful searching, reporting and analyzing capabilities: Superior
    • Stream unstructured data from all systems, devices and people: Significantly Better
    • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery: Superior
    • React quickly using descriptive, predictive and prescriptive analytics: Superior
    • Highly secure environment that meets rigorous security and compliance standards: Significantly Better
  • Rates improvements in the following areas since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time: Improved
    • Reduce time spent on administrative tasks, freeing up time for other priorities: Significantly Improved
    • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud: Significantly Improved
    • Reduce downtime, keeping mission-critical applications and infrastructure up and running: Improved

Splunk Case Study

Pitney Bowes Inc. Improves Its Customer Experience Using Splunk for Observability

Introduction

This case study of Pitney Bowes Inc. is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk helps us reduce MTTR and prevent outages due to proactive alerting.” — Kevin Murali, Manager – Technical Architecture, Pitney Bowes Inc.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk Observability:
    • Customer experience issues
    • Slow troubleshooting
    • Difficulty in identifying root-cause issues
  • The other solutions/vendors their organization was using before choosing Splunk:
    • AppDynamics
    • Dynatrace
    • New Relic

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • Custom metrics
    • Dynamic alerting
    • Related content for metrics, traces, and logs
  • How their organization is using Splunk:
    • Faster troubleshooting
    • Optimizing end-user experience
    • Alert noise reduction and event management
    • IT and business alignment
    • Predictive AIOps
  • Rates Splunk on the following compared to other observability solutions:
    • Time to value: Superior
    • Flexibility to monitor complex environment/metrics: Superior
    • Visibility into our cloud infrastructure: Better
    • Preventing user-impacting issues: Superior
    • Resolving/troubleshooting issues: Superior

Results

The surveyed company achieved the following results with Splunk:

  • The benefits their organization has experienced since using Splunk:
    • Faster troubleshooting
    • Better customer experience
    • Increased uptime
  • Agrees with the following statements after using Splunk:
    • Splunk has enabled us to provide better online service.
    • Splunk enabled us to monitor metrics that are important to our organization.
    • Splunk made troubleshooting issues simpler.
    • Splunk made troubleshooting issues faster.
    • Splunk helped us reduce alert storms/fatigue.
  • They saw a return on their investment in Splunk within 7-12 months.

Splunk Case Study

UnitedHealth Group Used Splunk to Speed Up Troubleshooting and Improve Customer Experience

Introduction

This case study of UnitedHealth Group Incorporated is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The challenges/pain points the organization faced before implementing Splunk Observability:
    • Alert storms
    • Difficulty in identifying root-cause issues
  • The other solutions/vendors their organization was using before choosing Splunk:
    • Dynatrace
    • New Relic
    • In-house solution

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • SignalFlow
    • APM service map
    • Synthetics monitoring
    • Related content for metrics, traces, and logs
  • How their organization is using Splunk:
    • Full stack problem detection
    • Faster troubleshooting
    • Optimizing end-user experience
    • Cloud migration
    • Cloud infrastructure monitoring
    • Alert noise reduction and event management
  • Rates Splunk on the following compared to other observability solutions:
    • Time to value: Significantly Better
    • Flexibility to monitor complex environment/metrics: Superior
    • Visibility into our cloud infrastructure: Superior
    • Preventing user-impacting issues: Significantly Better
    • Resolving/troubleshooting issues: Significantly Better

Results

The surveyed company achieved the following results with Splunk:

  • The benefits their organization has experienced since using Splunk:
    • Faster troubleshooting
    • Better customer experience
    • Increased uptime
  • Agrees with the following statements after using Splunk:
    • Splunk enabled us to monitor metrics that are important to our organization.
    • Splunk helped IT/DevOps be more connected to the business leaders.
    • Splunk made troubleshooting issues simpler.
    • Splunk made troubleshooting issues faster.
    • Splunk helped us reduce alert storms/fatigue.
  • They saw a return on their investment in Splunk within 7-12 months.

Splunk Case Study

An Educational Institution Uses Splunk to be Proactive with Cyber Security Threats

Introduction

This case study of an educational institution is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

“We are using Splunk to be proactive with cyber security threats, and so that we have useful data and reports available for auditing purposes.”

Challenges

The business challenges that led the profiled organization to evaluate and ultimately select Splunk:

  • Why their organization implemented Splunk:
    • Improving threat detection, investigation and response capabilities
    • Streamlining operations to strengthen organizational security posture
  • The other solutions/vendors the organization was using before switching to Splunk:
    • Crowdstrike and Carbon Black Defense

Use Case

The key features and functionalities of Splunk that the surveyed organization uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • Advanced threat detection
    • Compliance and data privacy
    • Incident investigation and forensics
    • Incident response
  • How the organization is using Splunk:
    • Compliance and data privacy
    • Incident investigation and forensics
    • Incident response
    • Insider threat detection

Results

The surveyed organization achieved the following results with Splunk:

  • The benefits the organization has experienced since using Splunk:
    • Enhanced SOC efficiency and productivity
    • Improved threat detection, investigation and response capabilities
  • They agree with the following statements since using Splunk:
    • Splunk provides enhanced security awareness through optimized and centralized security operations.
    • Splunk has improved my threat detection, investigation and response capabilities.
  • The organization has experienced significant improvements in threat detection, investigation and response capabilities.

Splunk Case Study

A Medium Enterprise Government Company Improved Security Analysis Using Splunk

Introduction

This case study of a medium enterprise government company is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“We use Splunk to improve our efficiency of security analysis.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • The organization implemented Splunk in order to streamline operations to strengthen organizational security posture.
  • Prior to switching to Splunk the organization was using an in-house solution.

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • Incident investigation and forensics
    • IT modernization
  • How the organization is using Splunk:
    • Incident investigation and forensics
    • Incident response
    • Insider threat detection
    • IT modernization

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization has experienced since using Splunk:
    • Enhanced SOC efficiency and productivity
    • Improved threat detection, investigation and response capabilities
  • They stated that Splunk has improved their threat detection, investigation and response capabilities.
  • They saw a return on their investment with Splunk within 6 months.
  • Rates the following areas as improved since using Splunk:
    • Enhanced end-to-end visibility
    • Enhanced SOC efficiency and productivity
    • Improved threat detection, investigation and response capabilities

Splunk Case Study

A Large Healthcare Company Improved Threat Detection and Reduced MTTR

Introduction

This case study of a large enterprise healthcare company is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • Why their organization implemented Splunk:
    • Enabling evolving initiatives while reducing agency risk through end-to-end visibility and tools for auditing
    • Improving SOC efficiency and productivity
    • Improving threat detection, investigation and response capabilities
  • The other solutions/vendors the organization was using before switching to Splunk:
    • In-house solution

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • Cloud monitoring
    • Compliance and data privacy
    • Incident investigation and forensics
    • Incident response
    • SOC automation and orchestration

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization has experienced since using Splunk:
    • Improved threat detection, investigation and response capabilities
    • Reduced mean time to repair (MTTR)
  • They agree with the following statements since using Splunk:
    • Splunk delivers visibility into what is happening across complex agency operating environments.
    • Splunk provides enhanced security awareness through optimized and centralized security operations.
    • Splunk allows agencies to create flexible and trusted computing environments that reduce infrastructure requirements, focus on deriving value from organizational data, enhance IT service delivery and improve customer experiences.
    • Splunk has improved my threat detection, investigation and response capabilities.
  • They saw a return on their investment with Splunk within 6 months.
  • Rates the following areas as improved since using Splunk:
    • Enhanced end-to-end visibility
    • Enhanced SOC efficiency and productivity
    • Improved threat detection, investigation and response capabilities
    • Reduced mean time to repair (MTTR)

Splunk Case Study

Danaher Corporation Benefits from Splunk’s Single Pane of Glass

Introduction

This case study of Danaher Corporation is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk provides us with a single pane of glass that has never been easier to implement and is a lot faster to search.” — Victor Munoz, Sr Security Engineer, Threat Hunting, Danaher Corporation

Challenges

The challenges/pain points the organization faced before implementing Splunk:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Slow time-to-value on our IT solutions and endeavors

Use Case

The Splunk features/capabilities that have been the most valuable to the organization:

  • Powerful searching, reporting and analyzing capabilities
  • Ability to stream unstructured data from all systems, devices and people
  • Ability to react quickly using descriptive, predictive and prescriptive analytics

Splunk has partnered with AWS and is providing Danaher with:

  • Splunk Cloud Platform
  • Splunk SIEM

Danaher values the partnership with AWS due to its migration from Splunk Enterprise to Splunk Cloud.

Results

The benefits the organization experienced since using Splunk:

  • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
  • Increased quantity and quality of use cases with an ability to scale quickly and on-demand
  • Modernized and strengthened our cyber defenses to lower the risk of data breach, IP theft and fraud

They agree with the following statements after using Splunk:

  • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
  • We can now investigate faster and answer any questions about our business, saving valuable time and effort.

They saw a return on their investment in Splunk immediately.

Rates Splunk on the following compared to other solutions:

  • Powerful searching, reporting and analyzing capabilities: Superior
  • Stream unstructured data from all systems, devices and people: Superior
  • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery: Significantly Better
  • React quickly using descriptive, predictive and prescriptive analytics: Significantly Better
  • Highly secure environment that meets rigorous security and compliance standards: Superior

Rates the following areas as significantly improved since using Splunk:

  • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
  • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud

Splunk Case Study

AT&T Reports Immediate ROI Using Splunk Security

Introduction

This case study of AT&T Inc. is based on an August 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk has enhanced our business processes allowing us visibility into problems and issues that we never had been able to see before Splunk was implemented.” — Christopher Oneto, Engineer, AT&T Inc.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • Why their organization implemented Splunk:
    • Enabling evolving initiatives while reducing agency risk through end-to-end visibility and tools for auditing
    • Improving threat detection, investigation and response capabilities
    • Streamlining operations to strengthen organizational security posture

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • The Splunk features/capabilities that have been the most valuable to their organization:
    • Advanced threat detection
    • Application modernization
    • Compliance and data privacy
    • Data optimization
    • DevOps
    • Incident investigation and forensics
    • Incident response
    • Insider threat detection
    • IT modernization
    • SOC automation and orchestration
  • How the organization is using Splunk:
    • Advanced threat detection
    • Application modernization
    • Compliance and data privacy
    • Data optimization
    • DevOps
    • Incident investigation and forensics
    • Incident response
    • Insider threat detection
    • IT modernization
    • SOC automation and orchestration
  • Rates Splunk as superior compared to other cloud solutions.

Results

The surveyed company achieved the following results with Splunk:

  • The benefits the organization has experienced since using Splunk:
    • Enhanced end-to-end visibility
    • Enhanced SOC efficiency and productivity
    • Improved threat detection, investigation and response capabilities
    • Reduced mean time to repair (MTTR)
  • They agree with the following statements since using Splunk:
    • Splunk delivers visibility into what is happening across complex agency operating environments.
    • Splunk provides enhanced security awareness through optimized and centralized security operations.
    • Splunk allows agencies to create flexible and trusted computing environments that reduce infrastructure requirements, focus on deriving value from organizational data, enhance IT service delivery and improve customer experiences.
    • Splunk has improved my threat detection, investigation and response capabilities.
  • They saw a return on their investment with Splunk immediately.
  • Rates significant improvements in the following areas since using Splunk:
    • enhanced end-to-end visibility
    • enhanced SOC efficiency and productivity
    • improved threat detection, investigation and response capabilities
    • reduced mean time to repair (MTTR)

Splunk Case Study

TD Improves Visibility Across the Organization Using Splunk

Introduction

This case study of TD is based on a June 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“We’ve seen improved visibility across the organization.” — Laney Thomas, Security Architect, TD

Challenges

Challenges/pain points their organization faced before implementing Splunk:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Previously used RSA before choosing Splunk

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • Splunk’s features that have been most valuable to their organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to automate our critical security tasks
    • Ability to stream unstructured data from all systems, devices and people
    • Ability to reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
    • Ability to react quickly using descriptive, predictive and prescriptive analytics
    • Highly secure environment that meets rigorous security and compliance standards
    • Predictable pricing that aligns with value and scales with your business
  • Splunk products their organization is using:
    • Splunk Enterprise Platform
    • Splunk SIEM
    • Splunk ITSI
  • They partner with:
    • AWS
    • Azure

Results

The surveyed company achieved the following results with Splunk:

  • What benefits has your organization experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Reduced time spent on administrative tasks, freeing up time for other priorities
    • Easier onboarding of new teams and improved end user workflow
    • Increased quantity and quality of user cases with an ability to scale quickly and on-demand
    • Modernized and strengthened our cyber defenses to lower the risk of data breach, IP theft and fraud
    • Reduced downtime, keeping mission-critical applications and infrastructure up and running
    • Faster time to market for new apps, improving developer efficiency
  • Agrees that:
    • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
    • Splunk has enabled us to more easily migrate to the cloud, supporting the strategic direction of our organization.
    • Splunk has helped us tackle tough cloud complexity challenges to avoid costly overages, consolidate toolsets and gain overall cloud confidence.
    • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
    • Splunk full-stack observability integrates with other observability tools to provide logs, metrics, user data (RUM), and more all in one interface.
    • We can now investigate faster and answer any questions about our business, saving valuable time and effort.
  • Saw a return on their investment with Splunk immediately.
  • Rated Splunk as significantly better on the following compared to other solutions:
    • Powerful searching, reporting and analyzing capabilities
    • Stream unstructured data from all systems, devices and people
    • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
    • React quickly using descriptive, predictive and prescriptive analytics
    • Highly secure environment that meets rigorous security and compliance standard
  • Improvements in the following areas since using Splunk:
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
    • Reduce time spent on administrative tasks, freeing up time for other priorities
    • Modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud
    • Reduce downtime, keeping mission-critical applications and infrastructure up and running
    • Achieve faster time to market for new apps, improving developer efficiency

Splunk Case Study

A Large Enterprise Computer Services Company Uses Splunk with AWS for Security

Introduction

This case study of a large enterprise computer services company is based on a June 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk:

  • Challenges/pain points their organization faced before implementing Splunk:
    • Accessing, ingesting, searching and/or monitoring siloed data across organization
    • Issues maintaining compliance/meeting security standards

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • Splunk’s features that have been most valuable to their organization:
    • Powerful searching, reporting and analyzing capabilities
  • Splunk products their organization is using:
    • Splunk Enterprise Platform
  • They partner with:
    • AWS

Results

The surveyed company achieved the following results with Splunk:

  • What benefits has your organization experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Modernized and strengthened our cyber defenses to lower the risk of data breach, IP theft and fraud
  • Agrees that:
    • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
  • Saw a return on their investment with Splunk immediately.
  • Rated Splunk on the following compared to other solutions:
    • powerful searching, reporting and analyzing capabilities: superior
    • stream unstructured data from all systems, devices and people: significantly better
    • reallocate time-consuming tasks to Splunk to focus on high-value use case delivery: significantly better
    • react quickly using descriptive, predictive and prescriptive analytics: significantly better
    • highly secure environment that meets rigorous security and compliance standard: significantly better
  • Improvements in the following areas since using Splunk:
    • ensure business resilience by empowering our people to predict, identify and solve problems in real time: improved
    • reduce time spent on administrative tasks, freeing up time for other priorities: improved
    • modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud: improved
    • reduce downtime, keeping mission-critical applications and infrastructure up and running: improved
    • achieve faster time to market for new apps, improving developer efficiency: improved

Splunk Case Study

BigBear.ai Sees an ROI in Under Six Months Using Splunk Enterprise Platform

Introduction

This case study of BigBear.ai is based on a June 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Using Splunk, we’ve found it easy to triage problems.” — Jeffrey Burt, IT Professional, BigBear.ai

Challenges

These are the challenges/pain points BigBear.ai faced before implementing Splunk:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Issues with pricing/affordability of quality SaaS

Prior to switching to Splunk, BigBear.ai was using Elastic.

Use Case

The key features and functionalities of Splunk that the surveyed company uses:

  • Splunk’s features that have been most valuable to their organization:
    • Powerful searching, reporting and analyzing capabilities
    • Ability to automate our critical security tasks
    • Ability to stream unstructured data from all systems, devices and people
  • Splunk products their organization is using:
    • Splunk Enterprise Platform

Results

The surveyed company achieved the following results with Splunk:

  • Benefits BigBear.ai experienced since using Splunk:
    • Accelerated ability to collect, onboard, and analyze data within Splunk from a variety of sources
    • Ensure business resilience by empowering our people to predict, identify and solve problems in real time
  • Agrees that:
    • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
    • Splunk has enabled us to more easily migrate to the cloud, supporting the strategic direction of our organization.
    • Splunk has helped us tackle tough cloud complexity challenges to avoid costly overages, consolidate toolsets and gain overall cloud confidence.
    • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
    • Splunk full-stack observability integrates with other observability tools to provide logs, metrics, user data (RUM), and more all in one interface.
    • We can now investigate faster and answer any questions about our business, saving valuable time and effort.
  • Saw a return on their investment with Splunk within 1-6 months.
  • Rated Splunk better on the following compared to other solutions:
    • powerful searching, reporting and analyzing capabilities
    • stream unstructured data from all systems, devices and people
    • reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
    • react quickly using descriptive, predictive and prescriptive analytics
    • highly secure environment that meets rigorous security and compliance standard
  • Significant improvements in the following areas since using Splunk:
    • modernize and strengthen our cyber defenses to lower the risk of data breach, IP theft and fraud
    • reduce downtime, keeping mission-critical applications and infrastructure up and running
    • achieve faster time to market for new apps, improving developer efficiency

Splunk Case Study

The Sports-ISAO Program of the Cyber Resilience Institute Benefits from Splunk Intelligence Management

Introduction

This case study of the Cyber Resilience Institute (Sports-ISAO) is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“The graph representations are very useful, as is the ability to pivot across the data set.” — Jane Ginn, Co-Founder, Sports-ISAO

Challenges

Sports-ISAO faced these business challenges that led them to evaluate and ultimately select Splunk Intelligence Management:

  • The manual curation of multiple data sources
  • Data silos between teams and tools
  • Overwhelmed with alerts and limited ability to prioritize them
  • Data governance – difficulty sharing data securely across teams and external trusted groups

Prior to adopting Splunk, the organization managed intelligence with a threat intelligence platform (TIP).

Use Case

Sports-ISAO has found the automated curation and normalization of intelligence sources to be the most valuable capability for their organization.

Results

Sports-ISAO experienced these important benefits since using Splunk Intelligence Management:

  • They’ve saved analyst time on repetitive tasks.
  • The team has realized a reduction of up to 2-3 hours of analyst time spent per day.

Splunk Case Study

US Bank Rates Splunk Platform and Security as Superior

Introduction

This case study of US Bank is based on an October 2021 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk is an easy, self-service tool that can be referred to all customers. It has enabled us to combat threats with actionable intelligence and advanced analytics that scale to meet our needs.”—Ivin Kuriakose, System Administrator, US Bank

Challenges

The challenges/pain points US Bank faced before implementing Splunk included accessing, ingesting, searching and/or monitoring siloed data across the organization. Before choosing Splunk, US Bank had been using Elastic.

Use Case

US Bank is using both the Splunk Enterprise and Cloud Platforms along with Splunk Security Products and Solutions.

Results

The Splunk features/capabilities that have been the most valuable to the organization include:

  • Powerful searching, reporting, and analyzing capabilities
  • Ability to reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
  • Ability to react quickly using descriptive, predictive, and prescriptive analytics

US Bank has experienced multiple benefits since using Splunk. These include the following.

  • The organization can ensure business resilience by empowering its people to predict, identify and solve problems in real-time.
  • US Bank can easily onboard new teams and use cases with an ability to scale quickly and on-demand.
  • The bank has reduced downtime, keeping mission-critical applications and infrastructure up and running.

With a return on its investment in Splunk within 1-6 months, US Bank agreed with the following statements:

  • Splunk has enabled us to combat threats with actionable intelligence and advanced analytics that scale with our needs.
  • Splunk has helped us tackle tough cloud complexity challenges to avoid costly overages, consolidate toolsets, and gain overall cloud confidence.
  • Splunk has provided end-to-end service visibility and streamlined incident resolution while offering predictive analytics that are so crucial to our business.
  • Splunk APM integrates with other observability tools to provide logs, metrics, user data (RUM), and more, all in one interface. We can now investigate faster and answer any questions about our business, saving valuable time and effort.

US Bank rates Splunk as superior on the following compared to other solutions:

  • Powerful searching, reporting, and analyzing capabilities
  • Stream unstructured data from all systems, devices, and people
  • Reallocate time-consuming tasks to Splunk to focus on high-value use case delivery
  • React quickly using descriptive, predictive, and prescriptive analytics
  • Ensure a highly secure environment that meets rigorous security and compliance standards

US Bank has seen significant improvements in the following areas since using Splunk:

  • Ensure business resilience by empowering their people to predict, identify and solve problems in real-time
  • Reduce time spent on administrative tasks, freeing up time for other priorities
  • Reduce downtime, keeping mission-critical applications and infrastructure up and running
  • Achieve faster time to market for new apps, improving developer efficiency

Splunk Cloud Platform Case Study

S&P 500 Healthcare Company Happy With Its Move to Cloud

Introduction

This case study of an S&P 500 healthcare company is based on a March 2022 survey of Splunk Cloud Platform customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Splunk is helping us to ensure cancer patients are receiving high-quality radiation treatments without any interruptions. We have used Splunk for many years and are very happy, especially with our move to the Splunk Cloud Platform.”—IT Manager, S&P 500 Healthcare Company

Challenges

The challenges or pain points the organization faced before adopting or migrating to Splunk’s Cloud Platform included accessing, ingesting, searching and/or monitoring siloed data across the organization, and spending too much time and/or resources on admin tasks instead of high-value use case delivery. Prior to migrating to the Splunk Cloud Platform, the organization was using the Splunk Enterprise Platform.

Use Case

The Healthcare Company’s primary use case for Splunk is Machine Data Analytics. The organization decided to migrate because:

  • Their overall IT organization is moving to Cloud-based services.
  • They needed additional elasticity in their Splunk deployment.
  • Splunk Enterprise Platform was becoming too complex to self-manage.

Results

The features/capabilities of Splunk Cloud Platform that have been valuable to their organization include:

  • Powerful searching, reporting and analyzing capabilities
  • Ability to stream unstructured data from all systems, devices and people
  • Enhanced self-service for end-users
  • Ability to quickly innovate and onboard new use-cases

They agree with the following statements after using Splunk Cloud Platform:

  • Splunk Cloud Platform helps us focus our resources and/or time on higher priority initiatives by taking care of the infrastructure management and administration.
  • Splunk Cloud Platform provides the same power and flexibility of Splunk Enterprise, but with significantly less of the management burden.
  • Splunk Cloud Platform allows us to innovate more quickly and our end users are happier.
  • Splunk Cloud Platform helps us onboard new teams and use cases with an ability to scale faster and on-demand.

With a return on investment in Splunk Cloud Platform within 12+ months, the S&P 500 Healthcare Company saw improvements in the following areas since using Splunk Cloud Platform:

  • Time-to-Value: significantly improved
  • Use Case Delivery: significantly improved
  • Administrative Tasks: improved

Splunk Case Study

Medium Enterprise Retail Company Automates Scheduling, Escalations and Notifications with Splunk On-Call

Introduction

This case study of a medium enterprise retail company is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Splunk On-Call has levelled up our incident management and escalation protocols. We’ve seen improved visibility, quicker and more accurate escalations, and better reporting and ownership of issues.” — IT Director of a Medium Enterprise Retail Company

Challenges

The surveyed retail company started using Splunk On-Call to address challenges with:

  • Improving Alert Noise
  • Routing alerts / incidents to the appropriate personnel in a timely manner
  • Automating scheduling, escalations and notifications

Use Case

The DevOps Engineering/Application Development, Site Reliability Engineering (SRE), and IT Operations teams have been using Splunk On-Call for more than two years. What they are using Splunk On-Call for today:

  • Rapid incident response
  • Simplifying on-call scheduling

Results

The surveyed company is measuring the following key value drivers and benefits with Splunk On-Call:

  • Alert/Event Reduction %
  • Mean Time to Acknowledge (MTTA)
  • Mean Time to Resolve (MTTR)

When asked how valuable the following Splunk On-Call features have been, the organization reported:

  • Extremely Valuable
    • Scheduling
    • Alert Routing and Annotations
    • Integrations
    • Alert Rules Engine
    • Escalation Policies
  • Very Valuable
    • Incident Dashboard
    • Mobile Interface
    • Timeline
  • Valuable
    • Noise Suppression
    • Reports

The percent ranges for each measured value category that Splunk On-Call currently provides for the organization include:

  • Alert Noise Reduction Improvement: 21-39%
  • Mean Time to Acknowledge (MTTA) Improvement: 40-59%
  • Mean Time to Repair (MTTR) Improvement: 40-59%
  • Root Cause Analysis (RCA) Improvement: 21-39%
  • Recurring Incidents Improvement: 40-59%
  • IT Cost Reduction Improvement: 0-20%
  • Application Delivery Release Timeline Improvement: 21-39%

Splunk Case Study

An Educational Institution Sees Improvements After Implementing Splunk On-Call

Introduction

This case study of an educational institution is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

“We’ve seen recent improvements to data ingest with assistance from Splunk and the reseller that improved our visibility. This includes the suggestion to use Splunk On-Call.” — CISO at an Educational Institution

Challenges

The educational institution surveyed started using Splunk On-Call to address challenges with:

  • Preventing / avoiding unplanned downtime
  • Improving Alert Noise
  • Routing alerts / incidents to the appropriate personnel in a timely manner
  • Automating scheduling, escalations and notifications

Use Case

A Splunk reseller recommended the security team at the educational institution implement Splunk On-Call, alongside Splunk Cloud. Splunk On-Call has been up for nearly 6 months and the team is already seeing improvements.

The institution’s security team is using Splunk On-Call specifically for rapid incident response and to simplify on-call scheduling.

Results

The key value drivers and benefits they are measuring with Splunk On-Call include:

  • Mean Time to Acknowledge (MTTA)
  • IT Costs Improvement / Savings

When asked how valuable the following Splunk On-Call features have been to the organization, the CISO responded that each of these was very valuable:

  • Scheduling
  • Alert Routing and Annotations
  • Integrations
  • Noise Suppression
  • Stakeholder Updates
  • Incident Dashboard
  • Alert Rules Engine
  • Escalation Policies
  • Reports

Following are the percent ranges for each measured value category that Splunk On-Call provides for their organization currently:

  • Alert Noise Reduction Improvement: 21-39%
  • Mean Time to Acknowledge (MTTA) Improvement: 60-79%
  • Mean Time to Repair (MTTR) Improvement: 21-39%
  • Root Cause Analysis (RCA) Improvement: 21-39%
  • Recurring Incidents Improvement: 21-39%
  • IT Cost Reduction Improvement: 21-39%

Splunk Case Study

Blu Varejo Uses Splunk to Transform IT

Introduction

This case study of Blu Varejo is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk has transformed our IT.” — Alex Lira, IT Specialist, Blu Varejo

Challenges

Blu Varejo started using Splunk On-Call to address challenges with:

  • Preventing / avoiding unplanned downtime
  • Improving Alert Noise
  • Routing alerts / incidents to the appropriate personnel in a timely manner
  • Automating scheduling, escalations and notifications

Use Case

Blu Varejo’s IT Operations and Security teams have been using Splunk On-Call for more than two years for:

  • Rapid incident response
  • Incident analysis and reporting
  • Simplifying on-call scheduling

In addition to Splunk On-Call, the organization is using Splunk Cloud and Splunk Security Essentials.

Results

Key value drivers and benefits they are measuring with Splunk On-Call:

  • Alert / Event Reduction %
  • Mean Time to Acknowledge (MTTA)

Blu Varejo rates how valuable the following Splunk On-Call features have been:

  • Valuable
    • Scheduling
    • Noise Suppression
    • Stakeholder Updates
  • Very Valuable
    • Incident Dashboard
    • Alert Rules Engine
    • Reports
  • Extremely Valuable
    • Alert Routing and Annotations
    • Integrations
    • Escalation Policies

Blu Varejo has seen an 80 percent or greater improvement for each of these measured value categories that Splunk On-Call provides for the organization currently:

  • Alert Noise Reduction Improvement: 80% or greater
  • Mean Time to Acknowledge (MTTA) Improvement: 80% or greater
  • Mean Time to Repair (MTTR) Improvement: 80% or greater

Splunk Case Study

Capital Power Corporation Uses Splunk On-Call to Preserve Its Knowledge Base

Introduction

This case study of Capital Power Corporation is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Originally, we chose Splunk On-Call to improve each post-mortem and preserve the knowledge base. It’s been valuable to be able to measure alert frequency through on-call reports.” — Richard Lim, Capital Power Engineer

Challenges

Splunk On-Call’s capabilities to improve each post-mortem and preserve the knowledge base of security activities and initiatives led Capital Power to evaluate and ultimately select Splunk.

Use Case

Capital Power’s DevOps Engineering/Application Development, Site Reliability Engineering and IT Operations teams have used Splunk On-Call for 1-2 years for:

  • Rapid incident response
  • Incident analysis and reporting
  • Simplifying on-call scheduling

The team has integrated its use of Splunk On-Call with solutions from ServiceNow and Elastic.

Results

The value drivers and benefits Capital Power is measuring with Splunk On-Call include:

  • Alert/Event Reduction %
  • Mean Time to Acknowledge (MTTA)
  • Mean Time to Resolve (MTTR)

Capital Power finds the following Splunk On-Call features very valuable to the organization:

  • Scheduling
  • Alert Routing and Annotations
  • Integrations
  • Noise Suppression
  • Stakeholder Updates
  • Incident Dashboard
  • War Room UI
  • Mobile Interface
  • Alert Rules Engine
  • Escalation Policies
  • Reports
  • Machine Learning Driven “Similar Events”
  • ChatOps Integration
  • Timeline

Following are the percent ranges for each measured value category that Splunk On-Call provides for the organization currently:

  • Alert Noise Reduction Improvement: 60-79%
  • Mean Time to Acknowledge (MTTA) Improvement: 60-79%
  • Mean Time to Repair (MTTR) Improvement: 60-79%
  • Root Cause Analysis (RCA) Improvement: 60-79%
  • Recurring Incidents Improvement: 60-79%
  • IT Cost Reduction Improvement: 40-59%
  • Application Delivery Release Timeline Improvement: 40-59%

Splunk Case Study

Ruvos, LLC Improved its MTTA by More Than 80 Percent Using Splunk On-Call

Introduction

This case study of Ruvos, LLC is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

“Splunk On-Call is an easy and convenient way to design and manage our on-call program. The escalations function ensures that we can automate the process of alerting other team members, or management depending on the severity. The solution just works well.” — Graham McLeod, Chief Information Officer, Ruvos, LLC

Challenges

Two years ago, Ruvos started using Splunk On-Call to address challenges with:

  • Preventing / avoiding unplanned downtime
  • Improving Alert Noise
  • Routing alerts / incidents to the appropriate personnel in a timely manner
  • Automating scheduling, escalations and notifications

Use Case

The DevOps Engineering / Application Development, Site Reliability Engineering (SRE), IT Operations, and Security teams are currently using Splunk On-Call for rapid incident response and to simplify on-call scheduling.

Results

Key value drivers and benefits Ruvos is measuring with Splunk On-Call include alert/event reduction percent and mean time to acknowledge (MTTA).

Ruvos found the following Splunk On-Call features most valuable:

  • Extremely Valuable: Scheduling and Escalation Policies
  • Very Valuable: Alert Routing and Annotations, Noise Suppression, Timeline
  • Valuable: Integrations, Stakeholder Updates, Incident Dashboard, Mobile Interface, Alert Rules Engine, Reports

Following are the percent ranges for each measured value category that Splunk On-Call provides for Ruvos currently:

  • Alert Noise Reduction Improvement: 60-79%
  • Mean Time to Acknowledge (MTTA) Improvement: 80% or greater
  • Mean Time to Repair (MTTR) Improvement: 21-39%
  • Root Cause Analysis (RCA) Improvement: 0-20%
  • Recurring Incidents Improvement: 60-79%
  • IT Cost Reduction Improvement: 21-39%
  • Application Delivery Release Timeline Improvement: 0-20%

Splunk Case Study

Genesys S.A. Automates Multiple Security Workflows within 3 Months of Deploying Splunk SOAR

Introduction

This case study of Genesys S.A. is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

Before implementing Splunk SOAR, Genesys S.A. was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows
  • Measuring the effectiveness of our security operations

Use Case

Genesys S.A. rated Splunk SOAR on the following feature areas when compared to other SOAR vendors/solutions:

  • Superior for alert, event and case management and visualization with dashboards and reporting
  • Significantly better for team collaboration on events and cases, along with ease of use
  • Better for ability to automate key use cases, integration with key technologies, and building and deploying playbooks

Genesys S.A. saw an increase in speed and efficiency when automating the following use cases through Splunk SOAR:

  • Ransomware Investigations
  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • User-reported Anomaly Investigations
  • Ad-Hoc Threat Hunting

Genesys S.A. rates the integration between Splunk SOAR and other Splunk products as valuable to its overall security operations. The integration with Splunk Enterprise Platform and Splunk Enterprise Security was highly valuable to Genesys, according to Security Officer Umesh Chandra Reddy Gangadasari.

Results

Genesys was able to automate multiple security workflows within 3 months after deploying Splunk SOAR, and agreed with the following statements:

  • We save time triaging our most repetitive, basic security tasks by using automated security workflows.
  • We are more efficient, productive, and can do more with the staff we already have.
  • We improved our ability to collaborate and align responses to prioritized risks.

Gangadasari confirmed that since using Splunk SOAR, they are 2x faster (e.g. a workflow that took us 30 minutes to complete now takes 15 minutes) to respond to security events, and in their first 12 months of using Splunk SOAR, they experienced up to $500,000 in savings based on analyst time saved.

Splunk Case Study

Hurricane Labs Responds to Security Events 60x Faster Due to Splunk SOAR

Introduction

This case study of Hurricane Labs is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

Before implementing Splunk SOAR, Hurricane Labs was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Creating standardized security workflows
  • Measuring the effectiveness of our security operations
  • Collaborating on prioritized responses as a team
  • Slow mean time to respond to security incidents

Use Case

Hurricane Labs agreed that it is:

  • More proactive and focused on mission-critical objectives
  • Saving time triaging its most repetitive, basic security tasks by using automated security workflows
  • More efficient, productive, and can do more with the staff it already has
  • Better able to measure security operations with improved reporting
  • Better able to collaborate and align responses to prioritized risks
  • Experiencing reduced mean time to respond to resolve security incidents

Results

Hurricane Labs confirmed that since using Splunk SOAR, it is 60x faster (e.g. a workflow that took us 30 minutes to complete now takes 30 seconds) to respond to security events.

Splunk Case Study

A Medium Enterprise Computer Software Company Saves Up To $1 Million in Analyst Time Using Splunk SOAR

Introduction

This case study of a medium enterprise computer software company is based on a March 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Before implementing Splunk SOAR, the medium enterprise computer software company was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows

Use Case

The software company rated these Splunk SOAR features and functionalities superior when compared to other SOAR vendors/solutions:

  • Alert, Event & Case Management
  • Team Collaboration on Events and Cases
  • Ease of Use
  • Ability to Automate Our Key Use Cases
  • Ability to Integrate with Our Key Technologies
  • Building and Deploying Playbooks
  • Visualization with Dashboards and Reporting

In addition to rating the integration between Splunk SOAR and Splunk Enterprise and Cloud Platforms, and Splunk Enterprise Security (SIEM) as highly valuable, the company reported significant increases in speed and efficiency when automating the following use cases:

  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • Ad-Hoc Threat Hunting

Results

The surveyed company was able to immediately automate multiple security workflows after deploying Splunk SOAR, and said it had reduced mean time to respond to security incidents. The company confirmed that since using Splunk SOAR, its team is 5 times faster to respond to security events, and that it achieved savings of up to $1 million in its first 12 months of use (based on analyst time saved).

Splunk Case Study

Fortune 500 Telecommunications Services Company Automates Numerous Security Workflows, Sees Quick ROI Using Splunk SOAR

Introduction

This case study of a Fortune 500 telecommunications services company is based on a March 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Splunk SOAR:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Addressing a lack of personnel on our security staff
  • Measuring the effectiveness of our security operations

Use Case

The Fortune 500 Telecommunications Services Company stated that the following were valuable:

  • Splunk Enterprise Platform
  • Splunk Cloud Platform
  • Splunk Enterprise Security (SIEM)
  • Splunk User Behavior Analytics (UBA)

The profiled company also rated the following features as significantly better than competitive offerings:

  • Alert, Event & Case Management
  • Team Collaboration on Events and Cases
  • Ease of Use
  • Ability to Automate Our Key Use Cases
  • Ability to Integrate with Our Key Technologies
  • Building and Deploying Playbooks
  • Visualization with Dashboards and Reporting

Results

The surveyed company achieved the following results with Splunk:

  • Able to automate multiple security workflows within the first 3 months after deploying Splunk SOAR.
  • Agreed with the following:
    • We are more proactive and focused on mission-critical objectives.
    • We save time triaging our most repetitive, basic security tasks by using automated security workflows.
    • We are more efficient, productive, and can do more with the staff we already have.
    • We better measure our security operations with improved reporting.
    • We improved our ability to collaborate and align responses to prioritized risks.
    • We have reduced our mean time to respond to security incidents.
  • Confirmed that since using Splunk SOAR, they are 5 times faster (e.g. a workflow that took us 30 minutes to complete now takes 6 minutes) to respond to security events.
  • In their first 12 months of using Splunk SOAR, they experienced up to $500,000 in savings based on analyst time saved alone.

Splunk Cloud Platform Case Study

Educational Institution Uses Splunk Cloud Platform to Keep Its Focus on High-Priority Initiatives

Introduction

This case study of an educational institution is based on a March 2022 survey of Splunk Cloud Platform customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

“Splunk Cloud has saved us a significant amount of time by allowing us to focus on high-priority initiatives.”

Challenges

The institution evaluated and ultimately selected the Splunk Cloud Platform over its in-house solution. The major challenge the organization faced before migrating to the Splunk Cloud Platform was accessing, ingesting, searching and/or monitoring siloed data across the educational institution.

Use Case

The institution uses Splunk for both Security and IT Operations and is moving the overall IT organization to Cloud-based services. After its migration to the Splunk Cloud Platform the organization reported that the most valuable features and capabilities include:

  • Powerful searching, reporting and analyzing capabilities
  • Ability to stream unstructured data from all systems, devices and people
  • Highly secure environment that meets rigorous security and compliance standards

Results

The educational institution agrees with the following statements after migrating to the Splunk Cloud Platform:

  • Splunk Cloud Platform helps us focus our resources and/or time on higher priority initiatives by taking care of the infrastructure management and administration.
  • Splunk Cloud Platform provides the same power and flexibility of Splunk Enterprise, but with significantly less of the management burden.

With an ROI in Splunk Cloud Platform in under 12 months, the institution rates improvements in the following areas:

  • Time-to-Value: improved
  • Security/Compliance: improved
  • Use Case Delivery: improved
  • Administrative Tasks: significantly improved

Splunk Cloud Platform Case Study

Genesys S.A. Benefits from Migrating to Splunk Cloud Platform

Introduction

This case study of Genesys S.A. is based on a March 2022 survey of Splunk Cloud Platform customers by TechValidate, a 3rd-party research service.

“With all the configurations built into the Splunk Cloud Platform, we were able to minimize admin activities and make good efforts on the creation of use cases.” — Umesh Chandra Reddy Gangadasari, Security Officer, Genesys S.A.

Challenges

The challenges that led Genesys S.A. to evaluate and ultimately select Splunk Cloud Platform included:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Too much time and/or resources spent on time-consuming admin tasks instead of high-value use case delivery

Use Case

Genesys S.A. is a Security customer of Splunk and found significant value in migrating to Splunk Cloud Platform due to the following features and functionalities:

  • Ability to stream unstructured data from all systems, devices and people
  • Enhanced self-service for end-users
  • Highly secure environment that meets rigorous security and compliance standards

The main reason Genesys S.A. decided to migrate was to realize additional elasticity in its Splunk deployment.

Results

Genesys S.A. agrees with the following statements after using Splunk Cloud Platform:

  • Splunk Cloud Platform ensures we are meeting necessary compliance and security standards.
  • Splunk Cloud Platform provides the same power and flexibility of Splunk Enterprise, but with significantly less of the management burden.
  • Splunk Cloud Platform allows us to innovate more quickly and our end users are happier.

With a return on their investment in Splunk Cloud Platform within 12+ months, Genesys S.A. rates improvements in the following areas since its migration:

  • Time-to-Value: significantly improved
  • Security/Compliance: significantly improved
  • Administrative Tasks: improved

Splunk Cloud Platform Case Study

Standard Bank of South Africa Ltd. Sees Immediate ROI on Its Migration to Splunk Cloud Platform

Introduction

This case study of Standard Bank of South Africa Ltd is based on a March 2022 survey of Splunk Cloud Platform customers by TechValidate, a 3rd-party research service.

“Our migration to Splunk Cloud was successful, because it was properly planned by the program manager, and Splunk assisted our team in executing the migration task as planned,” said Rishaad Allie, Engineer, Standard Bank of South Africa Ltd. “After we migrated to Splunk Cloud, our IT Resilience team implemented Basic and Advanced system Observability, and created a dashboard for business SLI\SLO and error budgets.”

Challenges

Before migrating to the Splunk Cloud Platform, Standard Bank of South Africa faced challenges such as:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Slow time-to-value
  • Difficulties expanding the hardware deployment

Use Case

Standard Bank of South Africa, Ltd. migrated to Splunk Cloud Platform while also using Splunk for Security, IT Operations, and DevOps. The organization migrated to Splunk Cloud because its overall IT organization is moving to cloud-based services and it is actively reducing its IT infrastructure costs. The features/capabilities of Splunk Cloud Platform that have been valuable to their organization include:

  • Powerful searching, reporting and analyzing capabilities
  • Ability to stream unstructured data from all systems, devices and people
  • Enhanced self-service for end-users
  • Highly secure environment that meets rigorous security and compliance standards
  • Innovation and an ability to take action by operationalizing decisions to drive impact across their operations

Results

Standard Bank of South Africa saw a return on their investment immediately, and reported that Splunk Cloud Platform:

  • Helps us focus our resources and/or time on higher priority initiatives by taking care of the infrastructure management and administration.
  • Ensures we are meeting necessary compliance and security standards.
  • Provides the same power and flexibility of Splunk Enterprise, but with significantly less of the management burden.
  • Allows us to innovate more quickly and our end users are happier.
  • Helps us onboard new teams and use cases with an ability to scale faster and on-demand.

The organization rates improvements in the following areas since using Splunk Cloud Platform:

  • Time-to-Value
  • Security/Compliance
  • Use Case Delivery
  • Administrative Tasks

Splunk Cloud Platform Case Study

Tempus Labs Improved Time-to-Value by Migrating to Splunk Cloud

Introduction

This case study of Tempus Labs, Inc. is based on a March 2022 survey of Splunk Cloud Platform customers by TechValidate, a 3rd-party research service.

“Splunk has a robust stack of features and documentation. From ease of use, certifications, training, and customization, Splunk has it all. Lots of use cases, observability, monitoring, security, machine learning, ITOps, you name it. Splunk can do it.” — Michael Tayo, Cloud Security Engineer at Tempus Labs.

Challenges

Tempus faced the following challenges before migrating to the Splunk Cloud Platform:

  • Accessing, ingesting, searching and/or monitoring siloed data across organization
  • Too much time and/or resources spent on time-consuming admin tasks instead of high-value use case delivery
  • Issues maintaining compliance or meeting security standards
  • Slow time-to-value
  • Difficulties expanding the hardware deployment

Use Case

Tempus is using Splunk for Security, IT Operations and DevOps and decided to migrate because their overall IT organization is moving to cloud-based services, and they needed additional elasticity in their Splunk deployment going forward.

The organization has found the following features and capabilities of Splunk Cloud Platform most valuable:

  • Powerful searching, reporting and analyzing capabilities
  • Ability to stream unstructured data from all systems, devices and people
  • Ability to reallocate time-consuming tasks to Splunk to focus on high-value use case delivery

Results

Tempus agrees with the following statements after using Splunk Cloud Platform:

  • Splunk Cloud Platform provides the same power and flexibility of Splunk Enterprise, but with significantly less of the management burden.
  • Splunk Cloud Platform allows us to innovate more quickly and our end users are happier.
  • Splunk Cloud Platform helps us onboard new teams and use cases with an ability to scale faster and on-demand.

Tempus rates improvements in time-to-value, use case delivery, and administrative tasks since migrating to the Splunk Cloud Platform. The company saw significant improvements in security and compliance as well.



