Splunk announced on Tuesday that it intends to acquire the cloud-native security startup TruSTAR Technology, for an undisclosed sum. TruSTAR was founded in 2014 and offers an application programming interface (API)-first cloud-native intelligence management platform.
It transforms intelligence from third-party providers and historical events to enable integration and accelerated automation across orchestration, response tools, and core detection.
Using custom API solutions and partner integrations, TruSTAR’s intelligence management platform takes internal and external data and puts it to work, helping security teams speed up detection, response to incidents, collaborations, and investigative work.
TruSTAR’s value
The service wants to deliver technology teams can use to create better defenses through intelligent data integration into all stages of workflows to make rapid but better decisions.
Through its integration marketplace, TruSTAR now supports Splunk, AWS GuardDuty, ServiceNow, 471 and Resilient, Unit 42, Jira, RiskIQ, US-CERT, CrowdStrike, IBM QRadar, and LogRhythm, among others.
The company says that it has a client list of more than 500 corporate clients. Some of the most notable names include IBM Cloud, Prudential, Rackspace, Staples, BNP Paribas, and Experian. That is an impressive feat, which indicates that the deal could be potentially sizeable.
Splunk’s plan
Splunk will use the technology developed by TruSTAR to enhance its ability to offer better security solutions in the cloud. The customers will be able to access all their data and use the access to deal with the complexity, enhance detection and respond to threats faster and without extra steps.
Splunk’s Data-to-Everything platform will get these capabilities too, with existing TruSTAR customers able to use the community and freemium feeds from Splunk’s commercial threat intelligence partners like Mandiant, Recorded Future, and Intel471.
The overall plan is to enhance what Splunk offers to its existing customers while gaining new clients.