Splunk Inc., first in delivering “aha” moments from machine data, announced a definitive agreement to acquire Phantom Cyber Corporation, a leader in Security Orchestration, Automation, and Response (SOAR). Under the terms of the agreement, Splunk will acquire Phantom for a total purchase price of approximately $350 million, subject to adjustment, to be paid in cash and stock. The acquisition is expected to close during the first half of 2018, subject to customary closing conditions and regulatory reviews. Oliver Friedrichs, Founder, and CEO, Phantom will report to Haiyan Song, senior vice president and general manager of security markets, Splunk.
“Phantom’s employees and technology significantly expand and strengthen Splunk’s vision for the security nerve center and for business revolution through IT,” said Doug Merritt, President and CEO, Splunk. “Splunk is committed to continuously pushing the limits of technology to help our customers get the answers they need from their data. I am very excited to reach this definitive agreement with Phantom and look forward to welcoming the team to Splunk.”
“Sourabh Satish and I founded Phantom to give SOC analysts a powerful advantage over their adversaries, a way to automatically and quickly resolve threats,” said Oliver Friedrichs, Founder and CEO, Phantom. “Combining SOAR with the industry’s leading big data platform is a revolutionary advance for security and IT teams and will further cut down the time it takes them to eliminate threats and keep the business running. We are thrilled to empower Splunk customers to solve these important challenges.”
Analytics-Driven Security and SOAR
SOAR platforms improve the efficiency of security operations by automating tasks, orchestrating workflows, improving collaboration, and enabling organizations to respond to incidents at machine speed. According to Gartner*, “By year-end 2020, 15% of organizations with a security team larger than five people will leverage SOAR tools for orchestration and automation reasons, up from less than 1% today.”
Customers will be able to use Splunk® technology for orchestration and automation as an integral part of their Security Operations Center (SOC) platform to accelerate incident response while addressing the skills shortage. The combination will help SecOps teams to:
● Advance cyber defense and reduce organizational risk using analytics-driven security
● Respond faster by accelerating incident response
● Work smarter and reduce staffing and skills challenges
Automation Beyond Security
Once integrated with the Splunk platform, IT teams will be able to leverage these automation capabilities to help solve automation challenges in a widening range of use cases, including Artificial Intelligence for IT Operations (AIOps). According to Gartner**, “By 2022, 40% of all large enterprises will combine big data and machine learning functionality to support and partially replace monitoring, service desk and automation processes and tasks, up from 5 percent today.”
“The majority of purchase price consideration will be paid from cash on our balance sheet. Total equity consideration plus Phantom employee retention incentives will result in less than one percent total dilution from this transaction,” said Dave Conte, chief financial officer, Splunk.