Corelight transforms raw network traffic into comprehensive, organized network logs with the use of open source Bro (now 'Zeek'). Founded and maintained by the creators of Bro, Corelight provides actionable insights into security events by assembling raw, disparate network data into over 400 protocol-based fields for correlation and analysis in a SIEM tool.

Expanse is a SaaS company that continuously discovers, tracks, and monitors the dynamic global Internet Edge for the world’s largest organizations. In addition, Expanse is the first company to deliver off-premise analysis of network edge communications to identify customer systems that are making risky connections to out-of-policy services on the public Internet

Indegy, is a leader in industrial cyber security, protects industrial control system (ICS) networks from cyber threats, malicious insiders and human error. The Indegy Industrial Cyber Security Suite arms security and operations teams with full visibility, security and control of ICS activity and threats by combining hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks.

Security operations teams are drowning in machine data and strapped for people who can make sense of the signals coming from it. In today’s rapidly evolving threat landscape, quickly drawing actionable insights from the data is the key to reducing risk. Cyber Security Investigator (CSI) for Splunk enables your analysts at any level to harness the power of natural language search, be significantly more productive, and think strategically, as they investigate complex data.

Qmulos Apps, powered by Splunk, are the only compliance solutions architected to foster a continuous monitoring mindset to the compliance problem. Our security expertise led us to focus our solution on security-relevant machine state data, as well as other required audit evidence types. Our key execs have decades of proven compliance, cyber, and security research experience. Our company is a ISV (TAP) and Professional Services Partner of Splunk.

>rapid response is a new app built by Optensity for use with Splunk alerts. >rapid response lets you turn Splunk’s operational intelligence into direct action in real-time. Rely on >rapid response to ensure fast, repeatable execution of your critical IT operations, security, compliance and application delivery strategies.

SwiftStack provides cloud-native, software-defined storage for unstructured data in a single namespace, powered by policies to extend enterprise workflows across private and public cloud infrastructure. Verified by Splunk, and proven to be fully compatible with Splunk SmartStore, SwiftStack is the only storage option that can be built on the same server platform as Spunk indexers, helping to simplify operations and management of disparate data sets.

• Streams mainframe machine data to Splunk for enterprise-wide operational intelligence.
• Collects log data from SMF, RMF, SYSLOG and other IBM z/OS mainframe data sources (should we add Top Secret, etc. here?), and forwards that data in real time to the Splunk® Enterprise analytics platform ensuring visibility into your z/OS environment integrated with information from the rest of your IT infrastructure.
• Features advanced filtering and data loss protection to minimize data loss during network or other external failures.
• Integrates with Splunk Enterprise Security and Splunk IT Service Intelligence.