List of Splunk Phantom Customers
Splunk
270 Brannan Street,
San Francisco, 94107, CA,
United States
San Francisco, 94107, CA,
United States
1 415-848-8400
Professional Services
8000
$3.8B
Since 2010, our global team of researchers has been studying Splunk Phantom customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Splunk Phantom for Security Orchestration, Automation, and Response (SOAR) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Splunk Phantom for Security Orchestration, Automation, and Response (SOAR) include: ExxonMobil, a United States based Oil, Gas and Chemicals organisation with 57900 employees and revenues of $323.91 billion, Dell, a United States based Manufacturing organisation with 108000 employees and revenues of $95.60 billion, Tide, a United Kingdom based Professional Services organisation with 1000 employees and revenues of $120.0 million, Mitsui Bussan Secure Directions, a Japan based Professional Services organisation with 264 employees and revenues of $30.0 million and many others.
Contact us if you need a completed and verified list of companies using Splunk Phantom, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Splunk Phantom customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Dell | Manufacturing | 108000 | $95.6B | United States | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2019 | n/a |
In 2019, Dell implemented Splunk Phantom as a Security Orchestration, Automation, and Response (SOAR) application to support its internal SOC and automation initiatives in the United States. The deployment focused on delivering playbook-driven SOAR capabilities, positioning Splunk Phantom to orchestrate and automate incident response workflows within Dell’s cybersecurity operations.
Splunk Phantom was configured to execute SOAR playbooks and automate incident triage and response sequencing, leveraging the application’s orchestration and automation capabilities to standardize repetitive SOC tasks. Functional emphasis included playbook authoring and orchestration, automated enrichment and response action sequencing, and mapping security events to predefined response workflows consistent with Security Orchestration, Automation, and Response (SOAR) operational patterns.
Operational coverage targeted Dell’s internal Security Operations Center in the United States, aligning SOC procedures and incident response runbooks with automated playbook governance. Governance and process changes emphasized playbook lifecycle management, approvals for automated actions, and centralized orchestration to institutionalize consistent incident handling across the security organization.
|
 |
ExxonMobil | Oil, Gas and Chemicals | 57900 | $323.9B | United States | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2021 | n/a |
In 2021, ExxonMobil implemented Splunk Phantom as part of its Security Orchestration, Automation, and Response (SOAR) tooling to operationalize incident response and SOC playbooks. Splunk Phantom was configured to orchestrate automated workflows and to centralize actionable threat intelligence for SOC operations, threat hunting, and incident response functions.
The deployment focused on developing detection rules, automated playbooks, and response playbooks within Splunk Phantom, while aligning detection content with the MITRE ATT&CK Framework. Engineers created custom dashboards and detection rules in Splunk, and authored automation using Python, PowerShell, and Bash to parse logs, manage endpoint actions, and trigger Phantom playbooks for high-priority incidents.
Integrations were explicitly implemented between Splunk Phantom and enterprise CTI sources such as Anomali ThreatStream and Recorded Future, and with the Splunk SIEM to source alerts and telemetry. The SOAR implementation also interfaced with SentinelOne for endpoint context, iBoss Proxy for web access monitoring, Nexpose and InsightVM for vulnerability data from Azure and AWS environments, Palo Alto Prisma Cloud for cloud posture signals, Nozomi Networks for ICS and OT device telemetry, and investigation tools including Maltego to enrich incidents.
Governance and operationalization included codifying Priority Intelligence Requirements to drive automated playbooks, institutionalizing threat hunting workflows in the SOC, and integrating periodic risk assessments aligned to ISO 27001. Splunk Phantom was used to streamline SOC operations and reduce response times for high-priority incidents, while enabling incident response teams to operationalize CTI and repeatable playbooks across IT, cloud, and ICS/OT environments.
|
 |
Mitsui Bussan Secure Directions | Professional Services | 264 | $30M | Japan | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2022 | n/a |
In 2022, Mitsui Bussan Secure Directions implemented Splunk Phantom as its Security Orchestration, Automation, and Response (SOAR) platform to automate security operations and threat hunting workflows for its clients in Japan. The deployment prioritized operationalizing repeatable playbooks to accelerate incident response and standardize SOC processes across managed security engagements.
Splunk Phantom was configured to run playbook-driven automation for email filtering triage, threat hunting orchestration, case management, and investigation workflows, reflecting module usage cited in Splunk SOAR customer references. The implementation leveraged the platform’s orchestration engine and automated tasking to reduce manual analyst steps and codify detection to response sequences.
Operational coverage focused on the organization’s security operations center and threat hunting teams, extending capabilities into client-facing managed services across Japan. The rollout centralized investigation context within Splunk Phantom’s case management fabric while automating routine SOC tasks and analyst handoffs.
Governance changes included formalizing response playbooks and operational procedures to ensure consistent execution of automated workflows. Reported outcomes from Splunk SOAR customer materials include faster response times, greater agility in investigations, improved threat hunting speed, and increased SOC efficiency, and Splunk Phantom is the product now marketed as Splunk SOAR.
|
 |
Tide | Professional Services | 1000 | $120M | United Kingdom | Splunk | Splunk Phantom | Security Orchestration, Automation, and Response (SOAR) | 2021 | n/a |
In 2021 Tide implemented Splunk Phantom as its Security Orchestration, Automation, and Response (SOAR) capability within the company security operations center in the United Kingdom. The deployment centered on automating incident detection and response workflows and embedding the Splunk Phantom application into SOC operations to accelerate alerts to remediation sequences.
The Splunk Phantom implementation was configured with playbook-driven automation, case management and alert ingestion pipelines, using automation workflows to enrich, triage and remediate incidents. Typical SOAR functional components were instrumented, including orchestration of runbook steps, automated response actions and playbook testing and versioning to maintain repeatable incident handling.
Operational integrations tied Splunk Phantom to homegrown telemetry sources and third-party security tools, enabling the SOC to orchestrate actions across detection, containment and remediation controls. The deployment was scoped to Tide’s SOC and security operations teams, with the Splunk Phantom application supporting incident response and threat operations across the UK environment, and outcomes reported included up to ~95% of incident responses automated and investigations shortened from hours to minutes with approximately 5x faster response times.
Governance was operationalized through standardized playbooks, automation approval gates and SOC workflow controls to ensure consistent escalation and testing of automated actions. The configuration emphasized auditability and orchestration governance to align automated remediation with internal incident handling policies.
|
Showing 1 to 4 of 4 entries
Buyer Intent: Companies Evaluating Splunk Phantom
ARTW Buyer Intent uncovers actionable customer signals, identifying software buyers actively evaluating Splunk Phantom. Gain ongoing access to real-time prospects and uncover hidden opportunities.
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||
FAQ - APPS RUN THE WORLD Splunk Phantom Coverage
Splunk Phantom is a Security Orchestration, Automation, and Response (SOAR) solution from Splunk.
Companies worldwide use Splunk Phantom, from small firms to large enterprises across 21+ industries.
Organizations such as ExxonMobil, Dell, Tide and Mitsui Bussan Secure Directions are recorded users of
Splunk Phantom for Security Orchestration, Automation, and Response (SOAR).
Companies using Splunk Phantom are most concentrated in Oil, Gas and Chemicals, Manufacturing and Professional Services, with adoption spanning over 21 industries.
Companies using Splunk Phantom are most concentrated in United States, United Kingdom and Japan, with adoption tracked across 195 countries worldwide. This global distribution highlights the popularity of Splunk Phantom across Americas, EMEA, and APAC.
Companies using Splunk Phantom range from small businesses with 0-100 employees - 0%, to mid-sized firms with 101-1,000 employees - 50%, large organizations with 1,001-10,000 employees - 0%, and global enterprises with 10,000+ employees - 50%.
Customers of Splunk Phantom include firms across all revenue levels — from $0-100M, to $101M-$1B, $1B-$10B, and $10B+ global corporations.
Contact APPS RUN THE WORLD to access the full verified Splunk Phantom customer database with detailed Firmographics such as industry, geography, revenue, and employee breakdowns as well as key decision makers in charge of Security Orchestration, Automation, and Response (SOAR).