Splunk Goes All in on AI: New Innovations to Enhance Security, Customer Experience, and Visibility

The News: Splunk leveraged its annual .conf23 event to launch product updates and announce a significant pivot to AI. For the full announcement details, see the press releases on Splunk’s website.

Analyst Take: Splunk, a leading provider of security and observability solutions with more than 14,000 customers globally, announced several new innovations at its annual user conference, .conf23, this week. According to the company, the new innovations are designed to help enterprises enhance their security operations, drive exceptional customer experiences, and gain unparalleled visibility across their hybrid cloud environments.

One of the key innovations announced at .conf23 was Splunk Attack Analyzer. Splunk Attack Analyzer is designed to be an automated threat analysis tool that helps security operations teams quickly identify and respond to threats. The tool uses machine learning (ML) to analyze security telemetry data and identify anomalous activity that could be indicative of a threat. Splunk Attack Analyzer also provides context about the threat, such as the source of the attack, the affected systems, and the potential impact. With security teams embattled by an overwhelming number of attacks and devices to manage, any strides to provide ML-driven attack analysis will be well received.

Another key innovation announced by Splunk is the integration of Splunk Observability Cloud and Splunk Cloud Platform. This integration gives organizations a unified view of their customer-facing systems, including applications, infrastructure, and data. This unified view can help organizations to identify and resolve customer-impacting issues more quickly.

The most interesting announcement at the show, for me at least, was Splunk Edge Hub – the announcement that Splunk is entering the hardware market, albeit via collaboration with a hardware developer. Edge Hub is designed to move observability to the far edge and provide out-of-the-box metrics and reporting for a variety of operational technology (OT) variables. When integrated with the Splunk platform, Edge Hub empowers customers with a range of insightful capabilities:

  • Environmental Monitoring: With the capacity to track and analyze various environmental factors such as water quality, temperature, humidity, and gases, organizations can swiftly pinpoint and address potential issues. This ability to identify and remediate problematic conditions enhances operational efficiency and sustainability.
  • Predictive Analytics: Leveraging advanced analytics, Splunk Edge Hub enables the detection of anomalies in manufacturing processes. Early indications of equipment maintenance needs or outages can be surfaced, allowing proactive measures to minimize operational downtime. This predictive approach optimizes resource allocation and enhances overall manufacturing efficiency.
  • Enhanced Visibility Across IT and OT Environments: By providing comprehensive visibility across both IT and OT landscapes, the platform empowers organizations to better detect, investigate, and resolve threats and IT stressors. This consolidated approach streamlines security operations and strengthens overall cyber-resilience.
  • Empowering Custom Solutions: Through collaboration with industry experts, Splunk Edge Hub facilitates the creation of tailor-made solutions for environments from which it has historically been challenging to extract data, such as transportation, oil & gas, and supply chain sectors. This capability empowers businesses to unlock valuable insights from previously untapped data sources, driving innovation and operational excellence.

By combining these capabilities, Splunk Edge Hub offers valuable operational insights and facilitates informed decision-making and optimization across diverse industries. It is a powerful tool to harness the potential of data-driven solutions and drive positive transformation for organizations of all scales.

I will be interested to see how the go-to-market model works, as Splunk is not actively selling this product but rather building an ecosystem of OT partners who will be the route to market. Overall, I am bullish on the prospects for this new solution, as the industrial OT market is massively underserved for this type of IT-driven observability and security-focused solution.

Finally, Splunk also announced several enhancements to its Splunk Platform. These enhancements include new capabilities for data ingestion, storage, and analysis. The new capabilities are designed to help organizations gain even greater visibility into their hybrid environments.

Overall, the new portfolio innovations announced by Splunk are designed to help organizations improve their security posture, deliver better customer experiences, and gain greater visibility into their hybrid environments.

Splunk AI Announcements

Unsurprisingly, Splunk jumped on the AI trend with new offerings, collectively known as Splunk AI, which are designed to help organizations accelerate detection, investigation, and response across security and observability.

One of the key offerings in Splunk AI is Splunk Attack Analyzer, and the addition of AI to this newly announced tool makes perfect sense to me. The tool’s ability to analyze security telemetry data from various sources, including network traffic, endpoint data, and cloud logs, and then leverage AI to identify anomalous activity that could be indicative of a threat and provide context about the threat, such as the source of the attack, the affected systems, and the potential impact, will be welcomed by resource-constrained security teams.

Another key offering in Splunk AI is the Splunk App for Anomaly Detection. The Splunk App for Anomaly Detection is a streamlined end-to-end operational workflow that helps organizations simplify and automate anomaly detection within their environment. The app uses ML to identify anomalies in data and then provides insights into the anomalies so that organizations can quickly investigate and respond to them.

Splunk AI also includes a new generative AI app called Splunk AI Assistant. Splunk AI Assistant is a chat-based app that helps organizations get faster answers to their questions. The app uses ML to understand the context of the user’s question, and then searches Splunk’s data for the most relevant answers. Splunk AI Assistant can also be used to automate tasks, such as running reports or creating alerts.

Overall, Splunk AI is a collection of powerful AI-powered offerings that can help organizations accelerate detection, investigation, and response across security and observability. The new offerings are designed to be easy to use and deploy, and they can help organizations to improve their security posture and reduce their risk of attack.

Looking Ahead

Splunk is becoming more focused, streamlined, and innovation-driven under the leadership of its relatively new CEO, Gary Steele. During the .conf event, Steele spent time with us taking questions, and the overall feedback is that the company is laser focused on increasing the speed of innovation, and the announcements this week are testament to this focus.

This week’s AI announcements are in step with industry trends and make a lot of sense as overwhelmed IT operations and security teams need all the help they can get to deal with the complexity of hybrid multi-cloud environments. The Edge Hub will be interesting to watch roll out as this is a “build it, and they will come” strategy for the company, but I expect to see this solution gain traction over the next 18 months.

Overall, Splunk is delivering on its mission and its focus on observability and security, which align with strong market trends where growth is still prevalent.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Author Information

Steven engages with the world’s largest technology brands to explore new operating models and how they drive innovation and competitive edge.
