Atlanta – November 14, 2013 – Damballa today announced a technology alliance with Splunk Inc., and the Damballa Failsafe Technology Add-on for Splunk Enterprise, which combines Damballa’s advanced threat protection and containment capabilities with the advanced machine data analytics platform Splunk® Enterprise. The combination provides enterprises with a ‘single pane of glass’ view into their security posture for advanced, often hidden threats.
Damballa Failsafe provides enterprises with actionable intelligence to act efficiently and decisively to find, contain and respond to all of the active infections in your network, prevent breaches and eliminating risk from advanced threats. Splunk Enterprise is a big data security intelligence platform used for log management, incident investigation and response, forensics, security and compliance reporting, fraud detection and real-time detection of known and unknown threats.
In conjunction with the partnership, Damballa today is making available an integration between Damballa Failsafe and Splunk Enterprise. The Damballa Failsafe Technology Add-on will enable all Damballa advanced threat discoveries to flow into Splunk Enterprise (versions 5.x and 6.x) for direct correlation with other solutions and integration with the Splunk App for Enterprise Security.
“The ability to correlate security Big Data, and provide meaningful analytics across it, in one place, is becoming increasingly critical to improving security posture,” said Brian Foster, CTO of Damballa. “Splunk Enterprise is quickly becoming the platform that enterprises leverage to harness their data and improve their intelligence. Having access to Damballa’s actionable threat intelligence within the context of other security and enterprise intelligence, enterprises can harness the combination to significantly improve their response time and posture.”
Leveraging Damballa and Splunk Enterprise together, enterprises can:
- Optimize resources through a ‘single pane of glass’ view into Damballa events, now available within Splunk Enterprise
- View their security posture regarding “hidden” advanced threats, via the Damballa dashboard
- Improve correlation and incident response, through the ability to search Damballa evidence within Splunk Enterprise
- Conduct rapid forensic investigation, with the ability to rapidly investigate the prior activities of a device from other logs to determine how the device might have become infected, its behavior related to other devices, etc.
“Damballa’s solution is compelling because it gives organizations the ability to find, contain and respond to active infections that make it through perimeter defenses undetected, regardless of the source of the threat, entry vector, or OS of the device,” said Bill Gaylord, senior vice president of business development at Splunk. “Damballa finds real, actionable risk, and leveraging this new integration will give our joint customers access to information they need to improve their security posture and quickly mitigate the threats likely to cause the most damage to their organization.”
As the experts in advanced threat protection and containment, Damballa delivers breach resistance to organizations that need to cost-effectively and efficiently eliminate the risk of business loss from Advanced Threats. Damballa gives you full visibility to find, contain and respond to all of the active and risky infections that make it through perimeter defenses undetected, regardless of their source of the threat, entry vector, or OS of the device, from both known and unknown malware. Damballa finds more real risk than any other threat protection solution in the market and is an investment that outlasts the malware arms race. Damballa protects more than 400 million users globally at enterprises in every major market and for the world’s largest ISP and telecommunications providers. For more information, visit www.damballa.com, or follow us on Twitter @DamballaInc.
Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk® software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 6,000 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Cloud™ is a service that delivers Splunk Enterprise in the cloud for large-scale production environments. Splunk Storm®, a cloud-based subscription service, is used by organizations developing and running applications in the cloud. Hunk™: Splunk Analytics for Hadoop is a fully integrated analytics platform for Hadoop that enables everyone in an organization to interactively explore, analyze and visualize historical data in Hadoop.
To learn more, please visit www.splunk.com/company.
All brand names, product names, or trademarks belong to their respective owners.