Cisco Intends to Acquire Threat Detection and Defense Company SnapAttack, Driving Further Splunk Innovation to Power the SOC of the Future

Security Mike Horn

January 31, 2025, Update: We have completed the acquisition of SnapAttack. Welcome to Cisco!

The threat landscape is constantly evolving and expanding, making it more difficult than ever for organizations to keep up and defend against the latest threats. Today’s SecOps teams need cutting-edge security tools and threat intelligence-driven detection content to proactively defend against the latest tactics, techniques and procedures (TTPs) that organizations face today.

Effectively deploying and enabling threat detection is a critical capability of security operation centers (SOC) and key to keeping businesses protected. Splunk’s threat detection, investigation and response (TDIR) solution is anchored by its market-leading Security Information and Event Management (SIEM) platform, Splunk Enterprise Security (ES), which includes Enterprise Security Content Updates (ESCU) that provide customers pre-packaged, regularly updated detection content.

SnapAttack provides a solution that supports the complete detection content lifecycle, starting with curated detection content discovery that is prioritized by current threat activity, potential impact and other factors, all the way through to the continuous validation, testing and assessment of deployed content. Today, SnapAttack is used by some of the world’s largest organizations in industries with the most stringent cybersecurity regulations.

With Cisco’s acquisition of SnapAttack, security teams using Splunk security products will see even more innovation with accelerated delivery of capabilities that offer even more control, visibility and advanced management of all their security content, including the content they develop themselves.

Using a unique, threat intelligence-driven approach, SnapAttack monitors changes in the threat landscape and helps organizations understand if their current detection content protects them against the latest threats. If not, it recommends detection content that’s readily deployable for security teams to apply.

Accelerating the SOC of the Future with SnapAttack

By bringing the new capabilities provided by SnapAttack together with Splunk’s existing security products, customers will benefit from an enhanced TDIR platform that enables them to quickly adapt to changes in the threat landscape.

Key acceleration areas and benefits include:

As we continue to innovate and deliver solutions that support today’s new era of SIEM, we look forward to completing the acquisition and welcoming SnapAttack to Cisco and the Splunk team!

Related Articles

Macros, We Don’t Need No Stinking Macros! — Featuring the New Microsoft O365 Email Add-On
Security
3 Minute Read

Macros, We Don’t Need No Stinking Macros! — Featuring the New Microsoft O365 Email Add-On

Using Microsoft O365 for your emails? Take a look at the new Microsoft O365 Email Add-on for Splunk to start getting in-depth security and non security data from your emails today.
Staff Picks for Splunk Security Reading December 2020
Security
3 Minute Read

Staff Picks for Splunk Security Reading December 2020

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!
SOARing to the Clouds with Splunk SOAR
Security
2 Minute Read

SOARing to the Clouds with Splunk SOAR

Now available as part of Splunk Cloud, Splunk SOAR further delivers on our promise to modernize security operations – read on to learn more.