Splunk Adaptive Response Initiative for Security Analysts

Splunk has developed the Adaptive Response Initiative to connect with a community of best-of-breed security vendors to improve cyber defense strategies and security operations. Founding participants of the Adaptive Response Initiative include Carbon Black, CyberArk, Fortinet, Palo Alto Networks, Phantom, Splunk, Tanium, ThreatConnect and Ziften.

“The mission of the Adaptive Response Initiative is to bring together the best technologies across the security industry to help organizations combat advanced attacks,” said Haiyan Song, senior vice president of security markets, Splunk. “Modern cyber threats are dynamic, and attackers are constantly finding new ways to get in and exploit networks and systems. This new challenge goes well beyond preventing individual stages of an attack. Adaptive Response aims to more effectively connect intelligence across best-of-breed technologies to help organizations improve their security posture, quickly validate threats, and systematically disrupt the kill chain.”

“The Adaptive Response Initiative is a welcome move to work on the speed and strength of threat detection and response by working to connect intelligence across security domains such as endpoints and networks,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Best-of-breed tools and products have done a good job so far and are still essential, but they are not designed to work well together out of the box. The Adaptive Response Initiative is determined to enable these discrete technologies to work together through a connected nerve system, like Splunk, with a goal of making security teams work faster, smarter and with more agility.”

“The Adaptive Response Initiative is an exciting step forward in helping enterprises defend against advanced attacks,” said Tobias Langbein, security architect, Swisscom. “We worked with Splunk on our Collaborative Security model, which shares a similar framework and approach of the Adaptive Response Initiative. Security teams must be quicker than ever in processing a vast number of alerts with accuracy, and we could no longer afford the manual method of coordinating across various siloes of security for incidence response within our environments.”

Unlike traditional approaches, an adaptive response model combines alert and threat information from multiple security domains and technologies. This collective insight enables security teams to make better-informed decisions across the entire kill chain, especially when validating threats and applying analytics-driven response directives to their security environment. All participants of the Advanced Response Initiative are committed to support a multi-layered security architecture to better connect intelligence across security technologies. Additionally, analytics-driven security can help organizations adapt and respond faster to threats.