Splunk
A Splunk Case Study
The Financial Services Company, a global organization in a highly regulated industry, was struggling with a legacy SIEM that was slow, difficult to scale, and costly to maintain. It needed a security analytics platform that could handle growing data volumes, speed investigations, and integrate with its GRC solution, and it turned to Splunk Enterprise and Splunk Enterprise Security (ES).
Splunk implemented a staged replacement of the old HP ArcSight environment, rebuilding logging infrastructure, consolidating multivendor security data, and expanding coverage across access, endpoint, network, identity, and other sources. With Splunk, the company now ingests more than 1 TB of data per day, has implemented 100 security use cases, and has reduced search times from minutes to seconds, including a 30-minute query dropping to about 10 seconds.