Splunk : Aflac Automates Threat Intelligence System With Splunk

SAN FRANCISCO - June 12, 2017 - Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced that Aflac, the leading provider of voluntary insurance at the worksite in the United States, has deployed Splunk solutions to sit at the heart of its internal Threat Intelligence System (TIS). With Splunk® Enterprise Security (Splunk ES) and Splunk User Behavior Analytics (Splunk UBA), Aflac has embraced an analytics-driven approach to security, using Splunk ES to automate and orchestrate more than 20 unique data sources within its Security Operations Center (SOC).

In 2016, Aflac embarked on a mission to build custom TIS in response to the rapid increase in security threats targeting its network of 15,000 worldwide employees. With malware, spear-phishing and nation-state compromises increasing across the globe at an alarming rate, Aflac required stronger threat intelligence to adequately detect and respond to attacks. A long-time Splunk Enterprise customer, Aflac chose Splunk ES to be the analytics backbone within its TIS solution due to Splunk's ability to consume large amounts of disparate threat data and help make it actionable. Aflac uses Splunk to automate their security remediation process, better protect their network and inform stronger security decisions. Since implementing Splunk ES, the insurer has:

• Blocked over two million security threats;
• Orchestrated threat intelligence across 20 security technologies sitting within TIS;
• Automated threat hunting and 90% of its security metrics process in just two months;
• Given security analysts at Aflac more than 30 hours a month back to focus on proactive; security, instead of manual data collection and reporting.

'The success of a Security Operations Center starts and ends with knowing what is inside of your network. As hackers become increasingly sophisticated, that level of visibility is often challenging, especially when you are consuming more than 20 different security data sources like we are,' said Tim Callahan, Senior Vice President, Chief Global Security Officer at Aflac. 'Since implementing ES as the brain in our security nerve center, we have found Splunk to be the right solution to quickly and effectively create and implement security analytics across a wide array of data sources and security use cases.'

While Aflac originally brought on Splunk ES to consume, manage and operationalize threat intelligence data from distributed sources within its TIS, the insurer has since expanded their use of Splunk, recently replacing their legacy security information and event management (SIEM) platform with Splunk ES. Aflac also uses Splunk UBA to identify internal threats, and recently started using Splunk for fraud and compliance use cases.

'More and more of our customers are using Splunk ES and Splunk UBA as a business enabler that transforms strategy and influences decision-making from the very top. Aflac is a great example of how security teams contribute to the business when they take an analytics-driven approach to security,' said Haiyan Song, senior vice president of Security Markets, Splunk. 'We congratulate Aflac on their continued success and look forward to working with them as they find new ways to automate, orchestrate and respond to threats with machine data.'

For more information on Splunk ES, visit the Splunk website.