TechValidate Research on Splunk


Splunk Case Study

A Medium Enterprise Computer Software Company Saves Up To $1 Million in Analyst Time Using Splunk SOAR

Introduction

This case study of a medium enterprise computer software company is based on a March 2022 survey of Splunk customers by TechValidate, a third-party research service. The profiled company asked to have its name blinded to protect its confidentiality.

Challenges

Before implementing Splunk SOAR, the medium enterprise computer software company was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Integrating our disparate security technologies
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows

Use Case

The software company rated these Splunk SOAR features and functionalities superior when compared to other SOAR vendors/solutions:

  • Alert, Event & Case Management
  • Team Collaboration on Events and Cases
  • Ease of Use
  • Ability to Automate Our Key Use Cases
  • Ability to Integrate with Our Key Technologies
  • Building and Deploying Playbooks
  • Visualization with Dashboards and Reporting

The company rated the integration of Splunk SOAR with Splunk Enterprise and Cloud Platforms and with Splunk Enterprise Security (SIEM) as highly valuable. It also reported significant increases in speed and efficiency when automating the following use cases:

  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • Ad-Hoc Threat Hunting

Results

The surveyed company was able to immediately automate multiple security workflows after deploying Splunk SOAR, and said it had reduced mean time to respond to security incidents. The company confirmed that since using Splunk SOAR, its team is 5 times faster at responding to security events, and that it achieved savings of up to $1 million in its first 12 months of use (based on analyst time saved).





About This Data

This data was sourced directly from verified users of Splunk by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.

