Splunk plans to acquire threat intelligence management provider TruSTAR to bring its intel-sharing and automation capabilities into its portfolio.
TruSTAR was founded by Patrick Coughlin and Paul Kurtz in 2014 as a cloud-native tool designed to reduce complexity and improve threat detection and response. Its intelligence management platform pulls data from third-party providers and historical events to improve detections, support automation, and reduce the amount of time it takes businesses to detect and respond to attacks.
The news arrives as security operations centers (SOCs) are overwhelmed with data and the increase in remote work broadens the enterprise attack surface, Sendur Sellakumar, senior vice president of cloud and chief product officer at Splunk, wrote in a blog post. Upcoming Splunk research finds 78% of security pros expect another supply chain attack of the same magnitude as SolarWinds – or worse.
Splunk plans to integrate TruSTAR's intelligence platform into its Data-to-Everything platform so its customers can add threat intelligence from third-party sources and their own historical investigations into their SOC workflows.
"Ultimately, this will increase the effectiveness of their detections, accelerate automation and reduce the time it takes for customers to detect and remediate issues before they have an impact on the business," officials said in a statement.
Terms of the deal were not disclosed. Read the full release for more details.