Splunk Inc. announced on Monday that it has closed the acquisition of Phantom Cyber, a vendor of Security Orchestration, Automation and Response (SOAR) offerings. Phantom’s SOAR platform helps organizations improve the efficiency of their Security Operations Center (SOC) by automating tasks, orchestrating workflows, improving collaboration and enabling incident response at machine speed.
The aggregate purchase price for the transaction was approximately $350 million, excluding working capital and other adjustments, paid in cash and restricted common stock.
Automation and orchestration are integral parts of security customers’ SOC strategies to accelerate incident response while addressing the security skills shortage.
Phantom’s SOAR platform offers automation capabilities that will also assist IT teams in solving challenges in a variety of use cases, including Artificial Intelligence for IT Operations (AIOps).
SOAR platforms improve the efficiency of security operations by automating tasks, orchestrating workflows, improving collaboration, and enabling organizations to respond to incidents at machine speed. Customers will be able to use Splunk technology for orchestration and automation as an integral part of their Security Operations Center (SOC) platform to accelerate incident response while addressing the skills shortage. The combination will help SecOps teams to advance cyber defense and reduce organizational risk using analytics-driven security; respond faster by accelerating incident response; and work smarter and reduce staffing and skills challenges.
According to Gartner, “By year-end 2020, 15 percent of organizations with a security team larger than five people will leverage SOAR tools for orchestration and automation reasons, up from less than 1 percent today.”
“Today marks an exciting new era for Splunk and Phantom customers, partners and employees,” said Doug Merritt, president and CEO, Splunk. “The combination of Splunk’s machine data platform with Phantom’s SOAR technology will accelerate a new age of analytics-driven security and expand Splunk’s vision as the security nerve center for SOCs around the world.”