Damballa and Splunk Join Forces for Advanced Threat Protection and Containment

  Damballa and Splunk Join Forces for Advanced Threat Protection and

  Integration Enables Reduced Response Time, Better Visibility into ‘Hidden’
                               Advanced Threats

Business Wire

ATLANTA -- November 14, 2013

Damballa today announced a technology alliance with Splunk Inc., and the
Damballa Failsafe Technology Add-on for Splunk Enterprise, which combines
Damballa’s advanced threat protection and containment capabilities with the
advanced machine data analytics platform Splunk® Enterprise. The combination
provides enterprises with a ‘single pane of glass’ view into their security
posture for advanced, often hidden threats.

Damballa Failsafe provides enterprises with actionable intelligence to act
efficiently and decisively to find, contain and respond to all of the active
infections in your network, prevent breaches and eliminating risk from
advanced threats. Splunk Enterprise is a big data security intelligence
platform used for log management, incident investigation and response,
forensics, security and compliance reporting, fraud detection and real-time
detection of known and unknown threats.

In conjunction with the partnership, Damballa today is making available an
integration between Damballa Failsafe and Splunk Enterprise. The Damballa
Failsafe Technology Add-on will enable all Damballa advanced threat
discoveries to flow into Splunk Enterprise (versions 5.x and 6.x) for direct
correlation with other solutions and integration with the Splunk App for
Enterprise Security.

“The ability to correlate security Big Data, and provide meaningful analytics
across it, in one place, is becoming increasingly critical to improving
security posture,” said Brian Foster, CTO of Damballa. “Splunk Enterprise is
quickly becoming the platform that enterprises leverage to harness their data
and improve their intelligence. Having access to Damballa’s actionable threat
intelligence within the context of other security and enterprise intelligence,
enterprises can harness the combination to significantly improve their
response time and posture.”

Leveraging Damballa and Splunk Enterprise together, enterprises can:

  *Optimize resources through a ‘single pane of glass’ view into Damballa
    events, now available within Splunk Enterprise
  *View their security posture regarding “hidden” advanced threats, via the
    Damballa dashboard
  *Improve correlation and incident response, through the ability to search
    Damballa evidence within Splunk Enterprise
  *Conduct rapid forensic investigation, with the ability to rapidly
    investigate the prior activities of a device from other logs to determine
    how the device might have become infected, its behavior related to other
    devices, etc.

“Damballa’s solution is compelling because it gives organizations the ability
to find, contain and respond to active infections that make it through
perimeter defenses undetected, regardless of the source of the threat, entry
vector, or OS of the device,” said Bill Gaylord, senior vice president of
business development at Splunk. “Damballa finds real, actionable risk, and
leveraging this new integration will give our joint customers access to
information they need to improve their security posture and quickly mitigate
the threats likely to cause the most damage to their organization.”

Click To Tweet @DamballaInc and @Splunk Join Forces to Enhance Advanced Threat
Protection and Containment, Reduce Response Time http://ow.ly/qaYv7

About Damballa

As the experts in advanced threat protection and containment, Damballa
delivers breach resistance to organizations that need to cost-effectively and
efficiently eliminate the risk of business loss from Advanced Threats.
Damballa gives you full visibility to find, contain and respond to all of the
active and risky infections that make it through perimeter defenses
undetected, regardless of their source of the threat, entry vector, or OS of
the device, from both known and unknown malware. Damballa finds more real risk
than any other threat protection solution in the market and is an investment
that outlasts the malware arms race. Damballa protects more than 400 million
users globally at enterprises in every major market and for the world’s
largest ISP and telecommunications providers. For more information, visit
www.damballa.com, or follow us on Twitter @DamballaInc.

About Splunk

Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk®
software collects, indexes and harnesses the machine-generatedbig datacoming
from the websites, applications, servers, networks, sensors and mobile devices
that power business. Splunk software enables organizations to monitor, search,
analyze, visualize and act on massive streams of real-time and historical
machine data. More than 6,000 enterprises, universities, government agencies
and service providers in over 90 countries use Splunk Enterprise to
gainOperational Intelligencethat deepens business and customer
understanding, improves service and uptime, reduces cost and mitigates
cybersecurity risk.Splunk Cloud™is a service that delivers Splunk Enterprise
in the cloud for large-scale productionenvironments.Splunk Storm®, a
cloud-based subscription service, is used by organizations developing and
running applications in the cloud.Hunk™: Splunk Analytics for Hadoop is a
fully integrated analytics platform for Hadoop that enables everyone in an
organization to interactively explore, analyze and visualize historical data
in Hadoop.

To learn more, please visitwww.splunk.com/company.

All brand names, product names, or trademarks belong to their respective


For Damballa
ZAG Communications
Kari Walker, 703-928-9996
Press spacebar to pause and continue. Press esc to stop.