
Where CISOs need to see Splunk go next

Aside from this and other partnerships, Splunk is also pursuing a more standards-based approach than many of its competitors, something that should have been highlighted in keynote presentations. On the observability side, Splunk has long supported the OpenTelemetry (OTel) standard of APIs, SDKs, etc. For cybersecurity, Splunk helped create the Open Cybersecurity Schema Framework (OCSF), an open-source, vendor-agnostic standard that provides a common language for cybersecurity data, allowing different security tools to share, manage, and analyze security events more effectively.

Beyond Splunk, adoption of these standards could improve cybersecurity data integration, processing, and analysis for everyone.

Zeroing in on security operations

Splunk also articulated a focus on easing the burden around security operations. It announced a premier version of Splunk Enterprise Security, an integrated platform that includes SIEM, SOAR, UEBA, threat intelligence management, an AI assistant, and an analyst workbench. Splunk also announced Detection Studio to help with detection engineering management (detections as code, rule creation, change management, workflows, etc.). Finally, Splunk described agentic AI features and initiatives around threat detection, workflow automation, and incident response that are available today or coming soon.