UPDATED 08:00 EDT / JUNE 22 2021

SECURITY

With new Security Cloud, Splunk aims to automate threat detection, investigation and response

Big data analytics company Splunk Inc. is building on the launch of its Observability Cloud with a new, cloud-centric suite of security tools that its customers will be able to use to identify and investigate threats.

Launching today, the Splunk Security Cloud is billed as a comprehensive security operations platform that combines advanced security analytics with automation, investigations, threat intelligence and response capabilities. It’s meant to help customers cope with the constant challenge of securing data and ensuring compliance, Splunk said.

Splunk sells a wide range of tools that are used by enterprises to monitor, search, analyze and visualize machine-generated data in real time. It provides easy access to the entirety of an enterprise’s operational data, delivering insights that can aid in business decision-making.

More recently, Splunk has been laser-focused on providing operational insights to help enterprises keep their businesses up and running. In May it launched the Splunk Observability Cloud for monitoring business applications and the infrastructure they run on. Companies get early warnings of any operational issues that might affect the performance of their apps, then investigate and troubleshoot before problems begin.

The launch of Splunk Security Cloud builds on that release, helping enterprises ensure that security breaches don’t affect their operations either. In a blog post, Jane Wong, Splunk’s vice president of security products, said the launch comes at a time when cybersecurity challenges have come to the fore in the wake of the sudden shift to remote work.

“The rapid migration to remote work at scale left 80% of CIOs unprepared, and SecOps teams struggled to confront the evolving threat landscape with disparate toolkits and skill sets,” Wong said. “Not to mention that as more organizations shifted to hybrid and multicloud environments at scale, cloud complexity (and cloud based threats) skyrocketed.”

Wong said the best way to cope with this evolving threat landscape is through a data-centric approach to security, and she said that’s what the Splunk Security Cloud brings.

First and foremost, Splunk Security Cloud works by performing advanced security analytics on a company’s operational data and systems to detect any security issues or threats in its multicloud information technology environments. It also provides automated security operations, helping to detect problems much faster and then to investigate and respond to those issues in just seconds, Wong said. On the threat intelligence side, this involves collecting and prioritizing any potential threats that may need further investigation.

The real secret to Splunk Security Cloud, though, is that it’s based on an open ecosystem that’s able to analyze data from multiple security products. Wong said the platform correlates data from various third-party security tools to ensure much greater visibility than one platform alone can provide. Splunk has more than 2,500 partners and 300 third-party integrations, she explained, allowing companies to take a much more agile approach to security.

There’s more to come too. Wong said the launch of Splunk Cloud comes a few weeks after the company announced it will acquire the cloud-native security startup TruSTAR Technology Inc., which specializes in data-centric threat intelligence. Wong said Splunk is working to integrate TruSTAR’s capabilities into the Splunk Security Cloud via an update that’s due to arrive in the coming months.

Constellation Research Inc. analyst Holger Mueller told SiliconANGLE he believes Splunk makes a strong case for being able to help enterprises adopt a more complete security posture, thanks to its track record and ability with data analytics. “Splunk is wasting no time in launching new offerings, and it will be key to see the adoption of these new products and how they’re performing in a few months’ time,” he added.
