Splunk, a company that taps machine data for operational insights, is buying Phantom Cyber, a provider of security orchestration, automation, and response (SOAR) for about $350 million in cash and stock. The acquisition is expected to close during the first half of 2018.
Oliver Friedrichs, founder and CEO of Phantom, will report to Haiyan Song, senior vice president and general manager of security markets at Splunk.
Machine data, a segment of big data, is generated by websites, applications, servers, networks, mobile devices, and sensors. Splunk turns machine data into insights for IT, Internet of Things (IoT), and security challenges.
Four-year-old Phantom Cyber, based in Palo Alto, California, has raised $22.7 million, according to Crunchbase. Its SOAR technology orchestrates key stages of security operations from prevention to security-breach resolution. It improves the efficiency of security operations by automating tasks, orchestrating workflows, and improving collaboration.
Splunk customers will benefit from Phantom Cyber’s technology as an integral part of their security operations centers (SOCs).
“Sourabh Satish and I founded Phantom to give SOC analysts a powerful advantage over their adversaries, a way to automatically and quickly resolve threats,” said Friedrichs, in a prepared statement. “Combining SOAR with the industry’s leading big data platform … will further cut down the time it takes them to eliminate threats and keep the business running.”
According to its website, San Francisco-based Splunk employs more than 3,000 people worldwide and counts more than 14,000 customers, including 85 of the Fortune 100 companies. It is publicly traded on NASDAQ.