Splunk announced on
July 9 that it had purchased Caspida, a Palo Alto startup that uses machine
learning techniques to help identify cyber-security threats from inside and
outside the company, for $190 million.
“Under the terms of the agreement, Splunk has acquired all
of the outstanding stock of Caspida for an aggregate purchase price of
approximately $190 million, including approximately $127 million in cash and
$63 million in restricted Splunk securities,” Splunk posted on its blog.
Haiyan Song, SVP of security markets at Splunk, said it
helped both companies deal with the onslaught of machine data coming from IT
systems, using data science techniques and automation to make sense of it. Part
of that is a growing security business, which accounted for a third of the
company's revenue in its most recent quarter.
“With Caspida, Splunk accelerates its focus on solving
advanced threats - both external and from insiders - by shining a light on
those who are wrongfully using valid credentials to freely and unpredictably
exploit systems they have accessed. By addressing the entire lifecycle of known
and unknown advanced threats, and by providing a platform to detect, respond
to, and automate actions, Splunk has further reinforced its position as the
security nerve center,” he added.
Splunk is said to be adding a new tool to its security
arsenal to beef up its ability to locate threats using the machine learning
techniques that Caspida has developed.
“Like everyone, Splunk has watched the growing number of
breaches over the last year, and its customers have been asking for better
security detection tools to help battle these threats, many of which use
compromised credentials. This kind of attack is difficult to detect with
conventional security techniques looking for signatures or rules. If someone
comes in through the front door using valid credentials, there are no rules or
patterns. They look like a valid user,” Song explained.
According to the blog post, the 35 Caspida employees will
join Splunk immediately.
Caspida, which was launched in 2014, came out with its first
product at the end of last year.
“We founded Caspida with a vision of applying data science
to help solve the most pressing cybersecurity challenges - advanced threats and
insider threats,” said Muddu Sudhakar, CEO of Caspida.
“By analyzing machine data and using data science to detect
meaningful anomalous behavior of users, devices and entities, Caspida has
solved a problem that previously required significant manpower and expensive,
do-it-yourself toolsets. We are very excited to join the Splunk family and
deliver new detection capabilities to customers,” he explained.