Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025

Security Olivia Henderson

We’re honored to share that Splunk has been named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025.

Splunk is committed to power the SOC of the Future by providing a unified threat detection, investigation, and response (TDIR) experience — no matter their deployment requirements. We are proud to help organizations strengthen their digital resilience with increased visibility, accurate detections, and integrated, automated workflows delivered through a unified platform so that they can navigate their security challenges.

Splunk Has Been Recognized With the Top Score in the Current Offering Category

We received the highest possible scores from the Forrester evaluation in the following criteria:

According to the Forrester report, “Splunk maintains its strategic focus on data, where it is strongest: accessing it, applying the right analytics, and accelerating actions across IT and security…Enterprise Security’s latest release unified Splunk’s security orchestration, automation, and response (SOAR) for a more seamless analyst workflow. Its analytics — scheduled queries and streaming analytics — show up in risk-based alerting, so users can build correlation rules.”

We are extremely grateful to our customers and partners for making this recognition possible. Access The Forrester Wave™: Security Analytics Platforms, Q2 2025 to learn more about how Splunk Enterprise Security stacks up, visit our website or take a product tour.

Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. For more information, read about Forrester’s objectivity here.

Related Articles

Endpoint Security Data Collection Strategy: Splunk UF, uberAgent, or Sysmon?
Security
4 Minute Read

Endpoint Security Data Collection Strategy: Splunk UF, uberAgent, or Sysmon?

Many threats originate from the endpoint and detecting them requires insights into what happens on the endpoint. In this post we look at different endpoint activity data sources, comparing the benefits and capabilities of Splunk Universal Forwarder with vast limits uberAgent and homegrown solutions.
Streamlining Vulnerability Management with Splunk Phantom
Security
2 Minute Read

Streamlining Vulnerability Management with Splunk Phantom

Manage the entire lifecycle of vulnerability management with automation and orchestration using Splunk’s SOAR technology, Splunk Phantom, to automate actions and reduce the time spent on patch management by 40%.
Hunting for Detections in Attack Data with Machine Learning
Security
3 Minute Read

Hunting for Detections in Attack Data with Machine Learning

Learn how to leverage the real-world and simulated attack data that Splunk's Threat Research team collected to use machine learning to discover attack activity and identify how to transform insights into detections.