Splunk Buys Security Startup Caspida For $190M

Splunk announced this evening it had purchase Caspida, a Palo Alto startup that uses machine learning techniques to help identify cyber-secruity threats from inside and outside the company, for $190 million. The deal has already closed, the company reported.

Splunk helps companies deal with the onslaught of machine data coming from IT systems using data science techniques and automation to make sense of it. Part of that is a growing security business, which accounted for a third of the company revenue in its most recent quarter, according to Haiyan Song, SVP of security markets at Splunk.

The company has a security product called Splunk App For Enterprise Security. With this purchase, Splunk is adding a new tool to its security arsenal to beef up the ability to locate threats using the machine learning techniques that Caspida has developed.

Like everyone, Splunk has watched the growing number of breaches over the last year, and its customers have been asking for better security detection tools to help battle these threats, many of which use with compromised credentials. This kind of attack is difficult to detect with conventional security techniques looking for signatures or rules. If someone comes in through the front door using valid credentials, there are no rules or patterns. They look like a valid user, Song explained.

That’s why you need to apply data science to look more closely at the usage of every person using the system, even if they appear to be a valid user with proper credentials. Splunk’s general approach is a solution that is data science driven, that provides automated detection and uses machine learning to get smarter over time.

It’s this last piece that Caspida provides for Splunk and fills in a big a hole in its security toolkit. The two companies are located near one another in Silicon Valley and the 35 Caspida employees will join Splunk immediately.

Caspida launched in 2014 and came out with its first product at the end of last year. It has paying customers and it will continue to work them, even as it becomes part of the Splunk team. Song pointed out that Caspida now has the power of the Splunk sales organization and customer base behind it, and it should be able to grow much faster within Splunk then it could have on its own. As that happens, the Caspida team will become more fully integrated inside of Splunk

Caspida has raised $11.5 million since its launch, according to Crunchbase. The $190 million price tag would appear to offer its investors a good return on their money.