List of Splunk Enterprise Security Customers
San Francisco, 94107, CA,
United States
Since 2010, our global team of researchers has been studying Splunk Enterprise Security customers around the world, aggregating a massive number of data points that form the basis of our forecast assumptions and that may indicate the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Splunk Enterprise Security for Security Information and Event Management (SIEM) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Splunk Enterprise Security for Security Information and Event Management (SIEM) include: Royal Bank of Canada, a Canada based Banking and Financial Services organisation with 96628 employees and revenues of $48.64 billion, Carnival Corporation, a United States based Leisure and Hospitality organisation with 115000 employees and revenues of $25.02 billion, GAMUDA LAND, a Malaysia based Construction and Real Estate organisation with 1000 employees and revenues of $200.0 million and many others.
Contact us if you need a completed and verified list of companies using Splunk Enterprise Security, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Splunk Enterprise Security customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
| Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI |
|---|---|---|---|---|---|---|---|---|---|
| Carnival Corporation | Leisure and Hospitality | 115000 | $25.0B | United States | Splunk | Splunk Enterprise Security | Security Information and Event Management (SIEM) | 2023 | n/a |

Insight:
In 2023, Carnival Corporation implemented Splunk Enterprise Security, a Security Information and Event Management (SIEM) application, to secure shipboard systems and customer data across its global fleet. The deployment supports operations across 90+ ships and nine cruise line brands, protecting guest and crew digital experiences for more than 300,000 people daily.
Splunk Enterprise Security was configured to provide real-time visibility across applications, services, and security infrastructure, centralizing alerts and threat detection for maritime operations and shore-side systems. Functional capabilities in place include centralized event aggregation, prioritized alerting, and incident triage workflows that allow IT security and site reliability teams to assess severity and coordinate response.
Operational coverage extends from customer-facing channels such as Carnival.com and the HubApp to shipboard operational systems, enabling the team to rapidly detect glitches that could affect booking, online check-in, shore excursions, restaurant reservations, or onboard services. The platform is actively used by IT security, threat intelligence, and site reliability engineering teams across Carnival Corporation and Carnival Cruise Line to maintain around-the-clock monitoring for safety and guest experience continuity.
Governance and workflow restructuring focused on centralizing security event management, consolidating alerts into a single pane for escalation and remediation, and standardizing triage procedures across global teams. Rollout emphasized scale and flexibility to keep maritime operations available while addressing an evolving threat landscape.
Outcomes explicitly reported by the company include a substantial reduction in mean time to respond, cited as up to 98 percent in some cases, and faster triage and remediation of customer experience issues before they impact guests. Splunk Enterprise Security is described as a core security and observability layer supporting Carnival Corporation's operational resilience and guest experience assurance.
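
| Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI |
|---|---|---|---|---|---|---|---|---|---|
| GAMUDA LAND | Construction and Real Estate | 1000 | $200M | Malaysia | Splunk | Splunk Enterprise Security | Security Information and Event Management (SIEM) | 2022 | n/a |

Insight: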
In 2022, GAMUDA LAND deployed Splunk Enterprise Security as its Security Information and Event Management (SIEM) platform to centralize security operations across air-gapped and hybrid estates, including the GDC air-gapped environment and Gamuda Dnex Cloud sovereign cloud initiatives. The implementation targeted 24/7 security monitoring and detection workflows to support incident response, threat hunting, and compliance reporting for regulated cloud and on-prem assets. At GAMUDA LAND, Splunk Enterprise Security was positioned to serve core cybersecurity functions rather than as a single departmental tool.
The deployment included canonical SIEM capabilities such as centralized log collection and normalization, correlation rule sets and analytics for threat detection, incident management dashboards, and support for threat hunting. Configuration work emphasized detection content, playbook-driven incident response, alert triage workflows, and automation hooks for SOAR-style orchestration to streamline containment and recovery processes. The Splunk Enterprise Security application name was restated inside operational documentation to align runbooks and analyst training with platform capabilities.
Integrations were scoped to support the broader SecOps stack listed in hiring and operations notes, including ingest and correlation of telemetry from EDR, IDS/IPS, vulnerability scanners such as Tenable Nessus, privileged access management logs, HSM key management events, and data loss prevention streams, plus controlled threat intelligence feeds. Operational coverage extended across cybersecurity operations, vulnerability management, identity and access management, data security, and security engineering functions within the air-gapped and hybrid operating model. The implementation facilitated centralized audit log retention and reporting to support compliance activity aligned with NIST, FedRAMP, and FIPS frameworks as referenced in operational requirements.
Governance changes focused on formalizing incident response processes, maintaining playbooks and post-incident analysis records, and instituting periodic audits of detection content and access rights. The security team structure and role definitions were updated to reflect platform ownership and 24/7 monitoring responsibilities, including continuous tuning of correlation rules and coordination with regulators and auditors in sovereign cloud contexts. Documentation, runbooks, and scheduled validation exercises were emphasized to maintain assurance in isolated and highly regulated environments.
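
| Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI |
|---|---|---|---|---|---|---|---|---|---|
| Royal Bank of Canada | Banking and Financial Services | 96628 | $48.6B | Canada | Splunk | Splunk Enterprise Security | Security Information and Event Management (SIEM) | 2021 | n/a |

Insight: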
In 2021, Royal Bank of Canada deployed Splunk Enterprise Security to provide Security Information and Event Management (SIEM) capabilities for IT Security, detection, and incident response functions. The deployment focused on real-time data and network analysis to surface security events and support operational security workflows across internal security teams and first-line responders.
Splunk Enterprise Security was configured to run correlation searches and detection rules, supporting a structured alerting system for malware and security events. Detection logic and rule creation included signatures and behavioral patterns for brute-force attacks, SQL injection, cross-site scripting, concurrent logins from multiple locations, and other anomalous traffic, with ongoing fine-tuning to improve alert fidelity and reduce false positives. Dashboards and live monitoring panels were configured for continuous situational awareness and to present summarized technical and stakeholder reports.
The implementation integrated vulnerability intelligence into incident workflows through documented use of Qualys Guard for vulnerability context and prioritization. Operational coverage included L1 escalation paths and collaboration with offshore teams to accelerate incident closure, and the environment was used to dispatch threat intelligence and hunting advisories to relevant internal groups.
Governance and process changes were implemented alongside Splunk Enterprise Security, encompassing standard operating procedures for detection, containment, eradication, and post-incident reporting. The team carried out threat modeling and profiling on discovered vulnerabilities, coordinated remediation and critical patch prioritization with application and infrastructure owners, and participated in internal HIPAA and PCI DSS audit activities to validate controls and compliance.
Throughout the engagement, the implementation emphasized rule tuning and advisory workflows to reduce false positives and improve detection fidelity, while operational incident handling produced documented, swift incident closure through coordinated escalation and remediation processes.