List of Splunk Phantom Customers
San Francisco, 94107, CA,
United States
Since 2010, our global team of researchers has been studying Splunk Phantom customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Splunk Phantom for Security Orchestration, Automation, and Response (SOAR) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Splunk Phantom for Security Orchestration, Automation, and Response (SOAR) include: ExxonMobil, a United States based Oil, Gas and Chemicals organisation with 57900 employees and revenues of $323.91 billion, Dell, a United States based Manufacturing organisation with 108000 employees and revenues of $95.60 billion, Tide, a United Kingdom based Professional Services organisation with 1000 employees and revenues of $120.0 million, Mitsui Bussan Secure Directions, a Japan based Professional Services organisation with 264 employees and revenues of $30.0 million and many others.
Contact us if you need a completed and verified list of companies using Splunk Phantom, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Splunk Phantom customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Dell | Manufacturing | 108000 | $95.6B | United States | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2019 | n/a |
In 2019, Dell implemented Splunk Phantom as a Security Orchestration, Automation, and Response (SOAR) application to support its internal SOC and automation initiatives in the United States. The deployment focused on delivering playbook-driven SOAR capabilities, positioning Splunk Phantom to orchestrate and automate incident response workflows within Dell’s cybersecurity operations.
Splunk Phantom was configured to execute SOAR playbooks and automate incident triage and response sequencing, leveraging the application’s orchestration and automation capabilities to standardize repetitive SOC tasks. Functional emphasis included playbook authoring and orchestration, automated enrichment and response action sequencing, and mapping security events to predefined response workflows consistent with Security Orchestration, Automation, and Response (SOAR) operational patterns.
Operational coverage targeted Dell’s internal Security Operations Center in the United States, aligning SOC procedures and incident response runbooks with automated playbook governance. Governance and process changes emphasized playbook lifecycle management, approvals for automated actions, and centralized orchestration to institutionalize consistent incident handling across the security organization.
|
 |
ExxonMobil | Oil, Gas and Chemicals | 57900 | $323.9B | United States | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2021 | n/a |
In 2021, ExxonMobil implemented Splunk Phantom as part of its Security Orchestration, Automation, and Response (SOAR) tooling to operationalize incident response and SOC playbooks. Splunk Phantom was configured to orchestrate automated workflows and to centralize actionable threat intelligence for SOC operations, threat hunting, and incident response functions.
The deployment focused on developing detection rules, automated playbooks, and response playbooks within Splunk Phantom, while aligning detection content with the MITRE ATT&CK Framework. Engineers created custom dashboards and detection rules in Splunk, and authored automation using Python, PowerShell, and Bash to parse logs, manage endpoint actions, and trigger Phantom playbooks for high-priority incidents.
Integrations were explicitly implemented between Splunk Phantom and enterprise CTI sources such as Anomali ThreatStream and Recorded Future, and with the Splunk SIEM to source alerts and telemetry. The SOAR implementation also interfaced with SentinelOne for endpoint context, iBoss Proxy for web access monitoring, Nexpose and InsightVM for vulnerability data from Azure and AWS environments, Palo Alto Prisma Cloud for cloud posture signals, Nozomi Networks for ICS and OT device telemetry, and investigation tools including Maltego to enrich incidents.
Governance and operationalization included codifying Priority Intelligence Requirements to drive automated playbooks, institutionalizing threat hunting workflows in the SOC, and integrating periodic risk assessments aligned to ISO 27001. Splunk Phantom was used to streamline SOC operations and reduce response times for high-priority incidents, while enabling incident response teams to operationalize CTI and repeatable playbooks across IT, cloud, and ICS/OT environments.
|
 |
Mitsui Bussan Secure Directions | Professional Services | 264 | $30M | Japan | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2022 | n/a |
In 2022, Mitsui Bussan Secure Directions implemented Splunk Phantom as its Security Orchestration, Automation, and Response (SOAR) platform to automate security operations and threat hunting workflows for its clients in Japan. The deployment prioritized operationalizing repeatable playbooks to accelerate incident response and standardize SOC processes across managed security engagements.
Splunk Phantom was configured to run playbook-driven automation for email filtering triage, threat hunting orchestration, case management, and investigation workflows, reflecting module usage cited in Splunk SOAR customer references. The implementation leveraged the platform’s orchestration engine and automated tasking to reduce manual analyst steps and codify detection to response sequences.
Operational coverage focused on the organization’s security operations center and threat hunting teams, extending capabilities into client-facing managed services across Japan. The rollout centralized investigation context within Splunk Phantom’s case management fabric while automating routine SOC tasks and analyst handoffs.
Governance changes included formalizing response playbooks and operational procedures to ensure consistent execution of automated workflows. Reported outcomes from Splunk SOAR customer materials include faster response times, greater agility in investigations, improved threat hunting speed, and increased SOC efficiency, and Splunk Phantom is the product now marketed as Splunk SOAR.
|
 |
|
Professional Services | 1000 | $120M | United Kingdom | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2021 | n/a |
|
Buyer Intent: Companies Evaluating Splunk Phantom
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||