List of Splunk Attack Analyzer Customers
San Francisco, 94107, CA,
United States
Since 2010, our global team of researchers has been studying Splunk Attack Analyzer customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Splunk Attack Analyzer for Phishing Protection from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Splunk Attack Analyzer for Phishing Protection include: Johnson Matthey, a United Kingdom based Oil, Gas and Chemicals organisation with 11685 employees and revenues of $16.71 billion, Splunk, a United States based Professional Services organisation with 8000 employees and revenues of $3.75 billion, Southern Farm Bureau Life Insurance Co, a United States based Insurance organisation with 600 employees and revenues of $1.67 billion and many others.
Contact us if you need a completed and verified list of companies using Splunk Attack Analyzer, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Splunk Attack Analyzer customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Johnson Matthey | Oil, Gas and Chemicals | 11685 | $16.7B | United Kingdom | Splunk | Splunk Attack Analyzer | Phishing Protection | 2023 | n/a |
In 2023, Johnson Matthey deployed Splunk Attack Analyzer alongside Splunk Enterprise Security and Splunk SOAR to improve phishing detection and SOC efficiency. The deployment targeted Phishing Protection capabilities within the security operations center of this U.K. manufacturing and technology company, aligning detection, triage and automated response workflows. Johnson Matthey implemented Splunk Attack Analyzer for Phishing Protection to strengthen SOC incident handling and automated response orchestration.
Splunk Attack Analyzer was configured to analyze phishing indicators and email telemetry, feeding correlated alerts into Splunk Enterprise Security for analytics and into Splunk SOAR for orchestration. Functional capabilities implemented included automated triage playbooks, indicator enrichment and alert correlation, with SOAR-driven playbooks executing remediation and automated case closure logic. The deployment centralized phishing detection workflows and instrumented machine-assisted decisioning for faster investigation.
Operational coverage focused on the SOC and incident response teams in the United Kingdom, with processes restructured to route suspected phishing through SOAR playbooks for enrichment, triage and closure. The implementation increased phishing detection accuracy to approximately 80%, closed approximately 61% of phishing cases via automation, and a case study reports an 83% reduction in case management time, reflecting tightened governance around phishing case lifecycle and automated remediation.
|
 |
Southern Farm Bureau Life Insurance Co | Insurance | 600 | $1.7B | United States | Splunk | Splunk Attack Analyzer | Phishing Protection | 2023 | n/a |
In 2023 Southern Farm Bureau Life Insurance Co deployed Splunk Attack Analyzer under the Phishing Protection category to analyze files uploaded to an external facing web portal, targeting a reduction in scan time and alert fatigue across its U.S. financial services operations. The implementation paired Splunk Attack Analyzer with Splunk SOAR to enable automated triage of submitted files and to accelerate security orchestration workflows.
Splunk Attack Analyzer was configured to inspect file submissions from the portal and to surface prioritized alerts for the security team, using automated analysis and threat scoring to reduce manual review. The deployment emphasized end to end file processing workflows and alert consolidation to address the volume of externally submitted content.
Integration scope included the external facing web portal and Splunk SOAR, establishing a pipeline from file intake through automated analysis and playbook driven response. Operational coverage was focused on Security Operations and portal intake processing within the companys U.S. financial services footprint, reducing the burden on analysts and improving case prioritization.
Within six months the rollout produced a roughly 70% decrease in file scan time and near zero false positives, shortening end to end processing from about 20 minutes to about 5 minutes and materially reducing alert fatigue for the security team.
|
|
|
Splunk | Professional Services | 8000 | $3.8B | United States | Splunk | Splunk Attack Analyzer | Phishing Protection | 2024 | n/a |
In 2024, Splunk implemented Splunk Attack Analyzer as a Phishing Protection solution within its U.S. internal security operations center. The deployment was paired with Splunk SOAR to automate investigation of reported phishing emails and enable rapid triage and orchestration.
Splunk Attack Analyzer was configured to automate evidence collection, indicator extraction, and threat scoring to accelerate analyst workflows, consistent with Phishing Protection functional patterns. Automation of investigation and triage was integrated with SOAR runbooks to orchestrate containment and response steps and to create analyst-facing cases.
Integration scope explicitly included Splunk SOAR and the broader Splunk technology stack in the U.S. SOC, and operational coverage targeted security operations, incident response, and threat intelligence teams. The implementation supported automated handoffs between detection, enrichment, and remediation workflows to reduce manual case assembly.
Governance shifted to SOAR driven playbooks that standardized triage, escalation, and evidence retention processes within the Phishing Protection architecture, and workflows were centralized to enforce consistent response sequencing. Process changes reduced manual analyst steps and embedded orchestration as the control plane for phishing investigations.
The internal implementation reported approximately 90 percent faster phishing investigation and resolution and achieved a mean time to detect under seven minutes for critical use cases, outcomes observed by Splunk's SOC in the U.S. technology environment.
|
Buyer Intent: Companies Evaluating Splunk Attack Analyzer
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||