Cisco has acquired SnapAttack, a threat detection and defense company, as part of its ongoing efforts to enhance its cybersecurity capabilities, building on its recent acquisition of Splunk. The $28 billion Splunk acquisition was finalized in March, and the SnapAttack deal is poised to drive Splunk’s innovation, particularly in its “detection-as-code” roadmap. SnapAttack’s technology and expertise in threat detection will bolster Splunk’s offerings and allow Cisco to deliver more advanced solutions to help organizations strengthen their security operations centers (SOCs).
SnapAttack’s solutions are particularly valuable as they support the complete lifecycle of detection content, from curated discovery to continuous validation and testing. According to Mike Horn, senior vice president and general manager of Splunk security products, SnapAttack is already utilized by some of the world’s largest organizations, including those in industries with the most stringent cybersecurity regulations. With this acquisition, customers using Splunk security products will benefit from enhanced detection capabilities and improved control over their security content.
One of the key advantages of this acquisition is the integration of SnapAttack’s advanced detection engineering and insights into Splunk’s platform. This will significantly improve Splunk’s threat detection, investigation, and response (TDIR) capabilities, enabling security teams to quickly adapt to changing threat landscapes. The merger of SnapAttack’s technology with Splunk’s existing security products will help customers stay ahead of emerging threats with more robust and efficient detection and response mechanisms.
The acquisition is also seen as a step forward in modernizing security information and event management (SIEM) platforms. By combining SnapAttack’s innovations with Splunk’s established products, Cisco is positioning itself to offer a more powerful, dynamic, and agile solution to address the growing demands of cybersecurity. As the acquisition moves forward, customers can expect even more innovative features and a broader range of capabilities aimed at securing their networks and operations from evolving threats.