Booz Allen Hamilton and Splunk announce strategic alliance to deliver predictive security analytics and operationalize threat intelligence

Management and technology consulting and engineering services firm Booz Allen Hamilton, based in McLean, VA, and San Francisco, CA-based Splunk, provider of the leading software platform for real-time Operational Intelligence, announced on October 14 a strategic alliance to strengthen cybersecurity by delivering joint solutions for public sector and commercial organizations. The combination of Splunk solutions and Booz Allen’s technical and operational expertise will accelerate detection and mitigation of emerging cyber threats; create extended offerings around security; and generate enhanced predictive cyber analytics and richer data sets for responding more quickly to key business questions. This alliance provides advances for joint customers in the areas of incident response, threat defense operations and threat intelligence.

Among the focus areas for development is the integration of threat intelligence with existing cyber operations to provide actionable insights that accelerate detection and mitigation of cybersecurity threats. The first specific joint offering is an incident response flyaway kit (IRFK) that will enable teams to rapidly conduct post-cyber-breach analyses to pinpoint weaknesses. A second area of focus is addressing the security challenges from the Internet of Things (IoT). Booz Allen will continue to evolve additional solutions using the Splunk platform. These solutions will address the new threats and vulnerability challenges associated with the broad, diverse and increasing number of IoT devices, sensors and data expected to come online over the next few years.

The alliance builds upon Splunk and Booz Allen’s track record of success in collaborating to deliver high impact results to the two companies’ joint clients. In support of major commercial clients, including U.S. financial and retail institutions, Booz Allen’s cyber threat intelligence managed security service, Cyber4Sight, relies on an open source intelligence collection engine and utilizes Splunk^® Enterprise to make the data actionable through security analytics. The intelligence collection engine is built around an ecosystem of custom-developed Splunk applications and also leverages various open source technologies as extensions of the Splunk platform.

Booz Allen and Splunk will also develop and host events to help business leaders understand how to prepare and respond to cyber incidents and threats. The first of these events was held at Splunk’s annual users’ conference, .conf2015, in the form of a table-top exercise that put business leaders from different industries and job responsibilities in a simulated incident response exercise where they utilized data and analytics to respond to and mitigate the threat. Further, the alliance will lead to Booz Allen’s deep bench of cyber experts receiving training for the highest level of Splunk certifications, from Knowledge Managers to Certified Splunk Architects.

“In today’s cyber landscape, it is imperative that organizations have real-time situational awareness to better detect and respond to advanced threats,” said Haiyan Song, senior vice president of security markets, Splunk. “With a common operating picture across all levels of organizations, Splunk customers are able to correlate events across the life cycle of an attack into actionable insight for analysis, detection and remediation. Combined with Booz Allen’s deep expertise in cybersecurity, this strategic alliance will deliver solutions that help our joint customers set themselves apart from the pack in protecting their organizations from advanced threats.”

“Organizations are faced with emerging threats that extend beyond the traditional enterprise. Our clients are challenged with understanding the emerging means of attack and developing strategies to proactively detect and defend against threats that continue to grow in both frequency and sophistication,” said Brad Medairy, Booz Allen Hamilton Senior Vice President. “The strategic alliance will combine Booz Allen’s advanced analytics, specialized tradecraft, and deep industry expertise with Splunk’s technology and machine data platform to deliver new innovative solutions that extend beyond the traditional enterprise.”

“As we all become more connected, leaders need to understand how the Internet of Things increases their exposure to risk, and then how they can mitigate those risks. This is an exciting alliance that will blend data and expertise like never before,” said Angie Messer, Booz Allen Hamilton Executive Vice President and leader of the firm’s Predictive Intelligence business.

Source: Booz Allen Hamilton