Splunk Deepens Its Security Bench With TruSTAR Acquisition

The News: SAN FRANCISCO – May 18, 2021 – Splunk Inc. (NASDAQ: SPLK), provider of the Data-to-Everything Platform, today announced it has signed a definitive agreement to acquire TruSTAR, a San Francisco-based cloud-native security company providing a data-centric intelligence platform. Read the full release in Splunk’s Newsroom.

Analyst Take: Splunk continues to invest in complementary acquisitions that make its security portfolio more extensible and enable customers to scale their cybersecurity efforts.

TruSTAR isn’t a household name by any means. Still, Splunk’s mission continues to zero in on scaling its security business from SecOps tools to a full-scale cloud-based observability platform that enables enterprises to access all data sources and simplify intrusion detection at scale while also responding to threats using increased automation capabilities.

TruSTAR has recently been actively accelerating its ecosystem. In late March, the company announced a key partnership with ServiceNow to implement its Security Incidence Response (SIR) solution to prepare and normalize security intelligence data from multiple sources to distribute information between teams, industry peers, and other data systems. This partnership sought to accelerate automation to remediate threats more quickly. While this joint effort was only recently announced, TruSTAR has been partnering with ServiceNow for nearly 3 years.

The Challenge is in Network Complexity – Splunk Seeks to Simplify 

A modern network provides the enterprises with what is required to keep it secure, but it isn’t always intuitive as these insights are locked in the data. Furthermore, as networks continue to proliferate, including on-prem, hybrid cloud, and containerized nodes, it adds volume and complexity to the data. In its continued evolution, Splunk is looking to build and scale its solutions to make real-time information more accessible and create an end-to-end workflow that incorporates the latest in automation to quickly identify and remediate issues prior to any business disruption.

I see the acquisition as a layer in Splunk’s security platform, in particular, to support its automation, detection, and response workflows coupling broad data sets of first and third-party intelligence sources to leverage internal and historical intelligence sources.

This acquisition will also provide additional resources for TruSTAR customers, which will also be able to take advantage of community and freemium feeds from several of Splunk’s commercial threat intelligence integration partners, including Intel471, Recorded Future, and Mandiant.

Deal Details in Limited Supply

The Splunk press release didn’t provide much detail on the deal size or terms. I believe this is a strategic puzzle piece for Splunk to enrich the offering, and TruSTAR clearly had capabilities that could quickly and seamlessly incorporate into Splunk’s ecosystem. This type of deal fits the historical pattern at Splunk that has included several smaller acquisitions that add key features and match Splunk’s ambitions to scale its offerings and migrate to meet the complexities of shifting IT requirements and a growing focus on enterprise security.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Other insights from Futurum Research:

Juniper Gets More SASE

Cisco Nexus 400G: Delivering Ecosystem-wide Data Center Networking Innovation

Cisco’s Acquisition of Socio Labs Points to the Future of Hybrid Event Management Solutions

Image Credit: Splunk



Author Information

Daniel is the CEO of The Futurum Group. Living his life at the intersection of people and technology, Daniel works with the world’s largest technology brands exploring Digital Transformation and how it is influencing the enterprise.

From the leading edge of AI to global technology policy, Daniel makes the connections between business, people and tech that are required for companies to benefit most from their technology investments. Daniel is a top 5 globally ranked industry analyst and his ideas are regularly cited or shared in television appearances by CNBC, Bloomberg, Wall Street Journal and hundreds of other sites around the world.

A 7x Best-Selling Author including his most recent book “Human/Machine.” Daniel is also a Forbes and MarketWatch (Dow Jones) contributor.

An MBA and Former Graduate Adjunct Faculty, Daniel is an Austin Texas transplant after 40 years in Chicago. His speaking takes him around the world each year as he shares his vision of the role technology will play in our future.


Latest Insights:

Daniel Newman and Patrick Moorhead share their insights on Intel's latest developments and performance at Computex, revealing how these announcements could shape the future of technology.
In this episode of Infrastructure Matters, hosts Camberley Bates, Steve Dickens and Krista Macomber cover the latest from conferences: Broadcom Mainframe, NetApp AR, Splunk and AWS reinforce.
Spurthi Kommajosula from IBM joins host Steven Dickens to share insights on modernizing data exchange to accelerate data and AI outcomes—illustrating the need for efficiency, governance, and the benefits of treating data as a valuable product.
Prakash Darji and Shawn Hansen, GMs at Pure Storage, join Daniel Newman and Patrick Moorhead to share their insights on pioneering data storage solutions and the transformative impact on businesses today.