On September 21, Cisco introduced its intention to purchase Splunk for $28 billion in money, its largest acquisition ever and fourth this yr. This can be a huge funding and win for Cisco from two views: observability and safety. Cisco’s full-stack observability platform may catapult into relevance towards established opponents in a single day. Equally, on the safety aspect, Cisco positive aspects the main safety analytics platform available on the market in the present day with an extremely loyal buyer base.
Cisco additionally will get an additional benefit from the Splunk acquisition by means of a latest addition to Splunk’s management crew that will spotlight its plans for generative AI. The acquisition brings with it expertise, together with Min Wang, Splunk’s chief technology officer. Appointed CTO of Splunk in June of this yr, Min has been in expertise R&D for 20 years and spent greater than 5 years at Google main a crew answerable for the AI-driven Google Assistant. She is establishing the generative AI capabilities at Splunk to go beyond domain use cases and be open and extensible.
Learn in regards to the dynamics for safety and observability with the Splunk acquisition beneath.
Splunk Is Good For Cisco, However Splunk Safety Clients Are Cautious
Splunk is without doubt one of the most ubiquitous and most incessantly used safety instruments in enterprises in the present day. The platform has constantly been named a Chief within the Forrester Wave™ evaluation on security analytics platforms for its flexibility and huge capabilities for alerting and compliance. Splunk additionally has an extremely loyal set of customers, which, greater than anything, serves as a fanbase for the model. Safety leaders wrestle, nonetheless, with Splunk’s lack of innovation over the previous a number of years and the way pricey the providing can change into. Even the addition of other pricing fashions has achieved little to alter that.
These elements add as much as this acquisition being a large win for Cisco’s safety enterprise. Most XDR distributors have shifted to having a SIEM or SIEM different providing of their portfolio. This acquisition positions Cisco to have either side of the coin — detection and response focus in XDR with Cisco XDR, and adaptability and flexibility in a safety analytics platform with Splunk. This solidifies Cisco as a key participant in two huge markets: XDR and SIEM. The acquisition additionally helps place Cisco to higher compete towards the Cortex platform for safety operations from rival Palo Alto Networks.
Safety Practitioners Will Want To Be Received Over
As with most acquisitions, it’s not all sunshine and rainbows. What Cisco does with the Splunk product will decide if it’s a win for safety practitioners. Cisco has lengthy been a case research for acquisitions that don’t stay as much as their preliminary promise and endure from underinvestment and a scarcity of focus. Safety leaders know this. Actually, since this was introduced, many have demonstrated concern that this pairing will degrade the standard of the SIEM that they’ve come to depend on greater than another SecOps device.
That stated, there are exceptions to this, similar to how, in recent times, Cisco has maintained the Duo, Meraki, and ThousandEyes acquisitions as standalones. To maintain Splunk’s huge, loyal consumer base, Cisco must comply with an analogous mannequin and let Splunk ship what Splunk does greatest: a versatile, highly effective SIEM providing (and the cool t-shirts and hoodies their loyal customers love).
There will even be a chance to evolve the Cisco story for id menace detection and response (ITDR). Cisco acquired ITDR startup Oort earlier this yr. The mixture of Splunk, Oort, and Duo will enable Cisco to inform a differentiated ITDR story. This could additionally display an emphasis on id safety that hasn’t beforehand existed at Cisco.
The Safety Business — And SIEM Market — Is Experiencing Huge Disruption
This acquisition indicators a large inflection level for the SIEM market. It’s elevating considerations from Splunk customers who’ve a bitter view of Cisco’s position within the safety area alongside how this can have an effect on what has already been a number of years of stifled innovation from Splunk.
This uncertainty will trigger Splunk clients to discover alternate options, and we anticipate to see experimental deployments of different smaller safety analytics gamers as backup. This will even be a boon for Microsoft Sentinel. Microsoft is the largest SIEM competitor to Splunk proper now. Splunk clients will flock to or increase their Sentinel deployments as they hedge their bets between the place Cisco takes Splunk and the place Microsoft takes Sentinel.
Lastly, this shift available in the market opens up a chance for XDR distributors with a SIEM substitute technique like CrowdStrike and Palo Alto Networks to swoop in and push clients away from a standard SIEM deployment. That is nonetheless early days for distributors and clients and requires a change in mindset to get proper, which can maintain sure groups again from making the transition within the quick time period.
Cisco Acquires Splunk To Improve Its Relevancy In An AIOps, Hybrid, Multicloud World
Splunk is a stalwart within the operational area, utilized by enterprises throughout the globe in each trade. Its superior log administration capabilities are entrenched in enterprises, however its observability options inside its AIOps providing are what made it a Sturdy Performer in The Forrester Wave™: Artificial Intelligence For IT Operations, Q4 2022. The Splunk platform is trusted by practitioners to supply an entire service view, from back-end monitoring via end-user interactions.
Its loyal buyer base overtly praises its entry to Splunk product groups, describing them as “always willing to listen to their suggestions.” Will this entry to product leaders proceed beneath the Cisco banner, or will it get lower off and provoke a Splunk buyer revolt?
For Cisco, it will get a Splunk platform that presently surpasses Cisco’s latest announcement of its Full-Stack Observability (FSO) providing. FSO integrates Cisco merchandise similar to AppDynamics and ThousandEyes in addition to third-party choices to ship enterprise danger observability.
FSO shall be bolstered by Splunk’s huge and extremely regarded observability options, that are positive to fill most of the doubtless roadmap aims that Cisco had for FSO. Moreover, Splunk’s sturdy cloud-based income stream provides to Cisco’s prime line and helps its transition from {hardware} producer to operational software program supplier. With the acquisition, Cisco can be positioned to ship choices that assist the convergence of operational observability with safety, which is already underway.
AIOps And Observability Acquisitions Naturally Trigger Hesitation
Splunk’s acquisition marks the fifth AIOps and observability vendor to alter possession in 2023 (the others embrace Sumo Logic, OpsRamp, Moogsoft, and New Relic). Practitioners are in for an fascinating journey as they wait to see what precisely Cisco will resolve to do with Splunk. Cisco observability choices may migrate to the Splunk platform, or FSO may change into the underpinning platform upon which the Splunk capabilities land.
Cisco may additionally select to easily depart Splunk as a standalone providing in the identical method it did with Duo, ThousandEyes, and others. Every path poses totally different challenges to practitioners who might have to be taught new environments or change huge quantities of integrations.
Not surprisingly, purchases and strategic long-term mission plans will go on maintain and different platforms shall be thought-about whereas the mud settles on this acquisition and path turns into clear.
Cloud Migrations Are Reworking AIOps And Observability
The AIOps and observability vendor market is shifting quick to fulfill the calls for of enterprises which are shifting workloads to the cloud. AIOps platforms similar to Splunk with sturdy observability capabilities are wanted to course of the information and ship AI-enriched actionable info.
Rivals similar to Dynatrace, Datadog, and ScienceLogic will definitely look to capitalize on this transition interval. Information-driven actions require high-quality information that has been correlated and analyzed for causality, one thing Splunk excels at and Cisco will quickly possess. The addition of Splunk offers Cisco an expansive portfolio, and a strategic path set by FSO makes Cisco a formidable opponent for established market leaders.
Know-how leaders in addition to AIOps and observability opponents shall be watching this intently for any indicators of delays or conflicts. Thousands and thousands of {dollars} price of selections shall be held up or redirected whereas the portfolios, management groups, and buyer bases of those two organizations learn to greatest work collectively.
Strategy With Warning
Since Splunk will span two product teams in Cisco — safety and observability — it runs the chance of being torn aside by inner forces. Working it as a standalone will enable Splunk to serve each constituencies equally and proceed rising and innovating. Splunk President and CEO Gary Steele reporting on to Cisco Chair and CEO Chuck Robbins is a optimistic signal.
These markets and the distributors in them want the disruption that this acquisition will carry forth, however this all comes with a whole lot of uncertainty for practitioners. Schedule an inquiry or steering session with Allie Mellen or Carlos Casanova to overview your choices and validate your method to this huge change.
Author: Allie Mellen
Date: 2023-09-22 10:49:00
