Splunk to buy security intelligence-sharing startup TruStar

Enterprise

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Splunk today announced it plans to acquire security software company TruStar for an undisclosed amount. The acquisition will add TruStar’s cloud-native, cyber intelligence-sharing capabilities and automated processes to Splunk’s growing cybersecurity portfolio.

“TruStar will help us get even better at predictive threat assessments by strengthening our threat intelligence framework. This acquisition will allow customers to autonomously and seamlessly enrich their (security operation center) workflows with threat intelligence data feeds from heterogeneous sources,” Splunk president and CEO Doug Merritt told VentureBeat in an exclusive interview.

The pending deal is in line with Splunk’s philosophy that “security is a data problem,” he said. The announcement marks a return to M&A activity for Splunk, which last made a major acquisition in 2019, when the San Francisco-based company bought SignalFX for $1.05 billion.

“We have been invested in SIEM (security information and event management) since 2011,” Merritt said. “We help customers with intelligence that identifies threats, focusing especially on insider threats and user behavior analysis to better predict where potential exposure exists.”

“What we like about TruStar is that they have the same focus. Like Splunk, TruStar’s platform is data-centric, with an emphasis on integration and automation. Like Splunk, TruStar takes an API-first approach to power an open ecosystem of integrations to deliver normalized intelligence in-workflow and on-demand,” he added.

Turning threat data into actionable intelligence

Founded in 2017, TruStar is also based in San Francisco. At the highest level, the TruStar Intelligence Platform enables SOC analysts to gather and share cybersecurity intelligence generated by automated data collection processes — tapping into internal and third-party threat intelligence sources. If the acquisition goes to plan, those capabilities will be added to Splunk’s Data-to-Everything Platform, according to Splunk. This will let Splunk customers “autonomously and seamlessly enrich their detection and response workflows” with additional threat intelligence, via a cloud-based delivery system.

TruStar users will also gain additional threat data from Splunk commercial threat intelligence integration partners like Intel471, Recorded Future, and Mandiant.

“We founded TruStar to help security teams unlock the signal in their data to accelerate automation and power seamless intelligence sharing while preserving privacy in the cloud,” cofounder and CEO Patrick Coughlin said in a statement. “We’re thrilled to join Splunk. Combining TruStar with Splunk’s leading enterprise data platform will bring security and IT teams to a new level of integration, automation, and resilience.”

Merritt said chief information security officers (CISOs) and other security leaders are taking an increasingly data-centric approache to security.

“At its core, security is a data problem, particularly in today’s hybrid and multicloud era, where enterprises are overwhelmed with a massive amount of data. Normalized, prioritized intelligence is critical to the automation of security operations,” Merritt said.

Splunk this week also announced it has hired Varoon Bhagat as vice president and head of corporate development. Bhagat will oversee the company’s M&A strategy and investment arm, Splunk Ventures, which was launched in 2019. Bhagat was most recently an M&A strategist with Salesforce, helping execute the acquisitions of companies like Slack and Tableau.

“We are really excited about Varoon. What a phenomenal addition to our team. Salesforce has been so successful with its M&A approach, and Varoon has added immediate value to Splunk already,” Merritt said.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member