In early July, Splunk announced the acquisition of Palo Alto startup Caspida for US$190 million. Caspida specializes in real-time cybersecurity and advanced persistent threat (APT) detection in corporate and cloud environments, using behavioral and security analytics. The next day, Splunk stock rose 4%, from US$69 to US$72 a share. The acquisition comes a few weeks after Splunk acquired another cybersecurity company, Vancouver-based Metafor Software, a provider of anomaly detection technology.
In less than a year, Splunk has made a significant move into the cybersecurity market and is now set up to compete directly against security leaders. With the acquisitions, Splunk is taking on the SIEM (security information and event management) and APT detection markets, two hugely competitive but lucrative spaces. Many of the tools employed to catch these threats increasingly rely on behavioral analytics, pattern recognition, machine learning, and anomaly detection, not least because traditional malware signatures are useless against exploits that use zero-days. Caspida and Metafor will provide these security capabilities and add to Splunk’s real-time machine data analytics. Essentially, Splunk has moved into security analytics with these acquisitions and will be able to rival the current security incumbents.