List of Splunk SOAR Customers
San Francisco, 94107, CA,
United States
Since 2010, our global team of researchers has been studying Splunk SOAR customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Splunk SOAR for Security Orchestration, Automation, and Response (SOAR) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Splunk SOAR for Security Orchestration, Automation, and Response (SOAR) include: Novuna, a United Kingdom based Banking and Financial Services organisation with 2200 employees and revenues of $8.32 billion, Oklahoma Office of Management and Enterprise Services, a United States based Government organisation with 1108 employees and revenues of $301.0 million, Tide, a United Kingdom based Professional Services organisation with 1000 employees and revenues of $120.0 million, Mitsui Bussan Secure Directions, a Japan based Professional Services organisation with 264 employees and revenues of $30.0 million and many others.
Contact us if you need a completed and verified list of companies using Splunk SOAR, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Splunk SOAR customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Mitsui Bussan Secure Directions | Professional Services | 264 | $30M | Japan | Splunk | Splunk SOAR | Security Orchestration, Automation, and Response (SOAR) | 2022 | n/a |
In 2022, Mitsui Bussan Secure Directions implemented Splunk SOAR within its Security Orchestration, Automation, and Response (SOAR) environment to automate core SOC functions for its managed security services in Japan. The deployment targeted threat hunting, case management, and enhanced email filtering to improve response speed and operational agility across SOC workflows and customer incident handling.
Splunk SOAR was configured with automated playbooks for data collection, investigation triage, and incident response, and the Splunk SOAR case management capability was used to centralize alert tracking, escalation, and remediation workflows. Configuration emphasized orchestration of repeatable investigations and automated evidence gathering to reduce manual analyst steps and streamline handoffs.
Integrations included the company SIEM and external threat intelligence feeds to automate ingestion, enrichment, and correlation of alerts, enabling automated investigation steps and playbook-driven response actions. Enhanced email filtering was implemented as part of the orchestration layer to reduce manual triage for phishing and email borne incidents handled by managed security services.
Operational coverage focused on the SOC and managed security service delivery for customer environments across Japan, with governance changes that standardized incident handling, playbook approval, and escalation procedures. The implementation improved response speed and operational agility as reported by Mitsui Bussan Secure Directions.
|
 |
Novuna | Banking and Financial Services | 2200 | $8.3B | United Kingdom | Splunk | Splunk SOAR | Security Orchestration, Automation, and Response (SOAR) | 2023 | n/a |
In 2023, Novuna deployed Splunk SOAR, Security Orchestration, Automation, and Response (SOAR), together with Splunk Enterprise Security to automate initial alert triage and contain 80,000 security events. The deployment targeted the company's security operations center and cyber team in the United Kingdom, focusing on high volume alert handling.
Splunk SOAR was configured for automated first stage analysis, triage, containment and escalation, using orchestration playbooks to standardize response steps and reduce manual handoffs. The implementation consolidated multiple Splunk instances to improve cross platform integration and uptime, enabling centralized case management and automated enrichment workflows.
Integrations concentrated on Splunk Enterprise Security as the primary telemetry and correlation source, feeding events into Splunk SOAR for automated processing and forwarding escalations to the cyber team. Operational coverage centered on SOC alert pipelines where SOAR performed initial triage and routed incidents for analyst investigation.
Governance work formalized automated workflows and escalation policies, embedding escalation criteria into runbooks and defining handoff points to the cyber team. The deployment contained approximately 80,000 security events and delivered roughly $500,000 in cost savings within eight months, while consolidation improved uptime and cross platform integration.
|
 |
Oklahoma Office of Management and Enterprise Services | Government | 1108 | $301M | United States | Splunk | Splunk SOAR | Security Orchestration, Automation, and Response (SOAR) | 2021 | n/a |
In 2021, Oklahoma Office of Management and Enterprise Services implemented Splunk SOAR in a Security Orchestration, Automation, and Response (SOAR) deployment to centralize automated incident detection and response across multiple state agencies. The implementation placed Splunk SOAR at the center of coordinated incident workflows used by the Intrusion Response Team and network security functions, and ServiceNow was used to manage incidents, tasks, projects, and change requests across agencies. The deployment scope included state cloud environments and agency networks operated under a hybrid model, aligning security operations, network operations, and incident response processes.
Splunk SOAR was configured with playbooks and runbook automation to operationalize IOC detection and response, and the team implemented case management and event enrichment capabilities consistent with SOAR functional patterns. Engineers developed SOPs, Splunk and Anomali dashboards, and custom threat-hunting searches to feed automated playbooks, and user access policies were enforced using least privilege principles. The Splunk SOAR implementation explicitly used RESTful API integrations to CrowdStrike and Zscaler for automated IOC detection and response, and the full application name Splunk SOAR appears in operational runbooks.
The SOAR deployment operated within an environment where network enforcement and telemetry were managed by Palo Alto firewall policies administered via Panorama, VLAN segmentation models, and state cloud networking built on VMware NSX-T and SDN techniques. Those network and cloud controls provided contextual telemetry and operational controls that security playbooks referenced during triage and containment workflows. ServiceNow provided ticketing and change orchestration inputs into Splunk SOAR playbooks to automate incident lifecycle actions and tasking across agencies.
Governance for the implementation included SOP development, formalized user access policies, and alignment with ISO 27001 based risk assessment practices. Third-party risk and vendor evaluations used Bitsight, UpGuard, and vulnerability scoring tools to inform decisions that intersected with automated detection and playbook remediation. The narrative links Oklahoma Office of Management and Enterprise Services, Splunk SOAR, Security Orchestration, Automation, and Response (SOAR), and core security operations functions in a unified operational model.
|
 |
|
Professional Services | 1000 | $120M | United Kingdom | Splunk | Splunk SOAR | Security Orchestration, Automation, and Response (SOAR) | 2022 | n/a |
|
Buyer Intent: Companies Evaluating Splunk SOAR
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||