A Splunk Case Study
FINRA, the U.S. securities industry regulator, manages massive volumes of trading and access data to detect fraud and protect investors. Its legacy SIEM was costly and could not ingest many log types or support flexible, ad hoc querying, leaving gaps in visibility across brokerage and market activity.
FINRA moved to Splunk Cloud and Splunk Enterprise Security on AWS, ingesting logs from 170 applications and multiple AWS sources (S3, CloudTrail, CloudWatch, Kinesis, EMR) and using Lambda for serverless processing. The cloud pay-per-use model enabled rapid deployment, unified central logging and ad hoc analysis, and improved transparency into most U.S. stock and options transactions. It also cut tooling and cloud costs dramatically: FINRA replaced a third-party billing tool and achieved the analytics at under 5% of the prior tool's cost, strengthening investor protections.
Gary Mikula
Senior Director, Cyber and Information Security