Products
Data-to-Everything Platform

A data platform built for expansive data access, powerful analytics and automation

Learn more

Splunk Cloud

Splunk Enterprise

Splunk Machine Learning Toolkit

Splunk Data Stream Processor

MORE FROM SPLUNK

Pricing

Free Trials & Downloads
Security

Splunk Enterprise Security

Adopt an analytics-driven cloud SIEM

Splunk Phantom

Automate workflow, investigation and response

Splunk Mission Control

Modernize security operations

Splunk User Behavior Analytics

Detect unknown threats and anomalous behavior with ML

IT Operations & Observability

Splunk Infrastructure Monitoring

Monitor and manage hybrid and multicloud environments

Splunk Application Performance Monitoring

Improve application performance and reliability

Splunk IT Service Intelligence

Modernize IT with the industry-leading AIOps platform

Splunk On-Call

Automate incident response to increase uptime

View all products
Solutions
Cloud Transformation

Transform your organization by accelerating your cloud journey

Learn more
BY FUNCTION

Security

Empower the business to innovate while limiting risks

IT

Go from running the business to transforming it

DevOps

Accelerate the delivery of exceptional user experiences

BY INDUSTRY

Aerospace & Defense

Higher Education

Communications

Manufacturing

Energy & Utilities

Online Services

Financial Services

Public Sector

Healthcare

Retail

View all industries
Why Splunk?
Why Splunk?

Bring data to every question, decision and action across your organization

Learn more
Customer Stories

See why organizations around the world trust Splunk

Partners

Accelerate value with our powerful partner ecosystem

Data-to-Everything

Thrive in the Data Age and drive change with our data platform

Diversity & Inclusion

Learn how we support change for customers and communities
Resources
MORE FROM SPLUNK

Resources

Explore E-books, whitepapers and more

Events

Join us at an event near you

Blogs

See what Splunk is doing
GET STARTED

Best Practices

Clear and actionable guidance from Splunk Experts

Expert Services

It’s easy to get the help you need

Get Started With Splunk

Learn how to use Splunk

become an expert

Splunk Training & Certification

Get certified to become a Splunk Expert

Documentation

Find answers and guidance on how to use Splunk

User Groups

Meet Splunk enthusiasts in your area

Community

Get inspired and share knowledge

Expand & optimize

Customer Success

Get specialized service and support

Splunkbase

See Splunk’s 1000+ apps and add-ons

Splunk Dev

Create your own Splunk apps

SolarWinds Cyberattack

Learn how it affects you, us and the world.

Read our CISO's response

How the SolarWinds cyberattacks work

The SolarWinds cyberattack campaign — also called Solorigate or simply the SolarWinds hack — leverages vulnerabilities in SolarWinds Orion software to accomplish a supply chain attack. Malware was embedded into the digitally-signed software and multiple organizations were compromised as a result. The nature and extent of the situation continues to develop, but at least two distinct malware threats — Sunburst and Supernova — have been identified.

Learn About the Sunburst Malware

Learn About the Supernova Malware

How Splunk can help

Review and update your log types ingested into Splunk, then examine DNS, network, and host traffic logs for evidence of Sunburst malware activity.

Examine results of vulnerability scans, hashes and proxy logs for evidence of Supernova webshell.

Search for unusual activity from your directory and authentication providers for indications of a follow-on attack.

Look for other signs of lateral movement from compromised hosts.

Expand monitoring across your IT infrastructure and your entire software development lifecycle (SDLC)

Splunk Solutions for Security, IT and DevOps

Detect indicators in your environment

Security TEAMS

Detect indicators in your environment

Streamline the onboarding process and search for threat indicators in your environment.

Easily onboard threat indicators

Recover lost visibility of IT infrastructure

IT TEAMS

Recover lost visibility of IT infrastructure

Without SolarWinds Orion software, you lose visibility. Restore visibility with Splunk and monitor the health and operations of your IT infrastructure.

Recover lost IT visibility

Protect your application development resources

DevOps Teams

Protect your application development resources

Gain visibility into your software delivery chain from code repositories, secrets management, infrastructure-as-code, CI/CD automation and more. This can help your organization detect unauthorized changes to production applications and protect your customers.

Learn how to secure your SDLC

We’re here to help with your Security, IT and DevOps response.

Contact Us