Rackspace Leverages Splunk to Help Power Its Decision Analytics EngineJune 28, 2017
Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced Rackspace®, a managed cloud leader, is leveraging Splunk® Enterprise and Splunk Enterprise Security (Splunk ES) as the foundation for the company’s decision analytics engine. Rackspace uses Splunk solutions across security, compliance, DevOps, business intelligence, application management and IT operations.
Rackspace ingests nearly three terabytes of data per day into Splunk software to create meaningful visualizations, to diagnose anomalous activity, and to remediate issues across all business processes. As a result, Rackspace’s security and compliance teams are projected to improve the speed of security event detection by at least 70 percent, accelerate investigation of high-priority security incidents by at least 70 percent and decrease the overall financial impact of security outages by at least 50 percent. Through automation of these processes, Rackspace security analysts will get valuable time back to focus on establishing proactive security strategies.
"With Splunk ES, our IT team can gain visibility across thousands of endpoints continuously – including servers, network devices, security scans and threat feeds – enabling faster threat detection and resolution for our customers," said Dave Neuman, vice president and chief information security officer, Rackspace. "Our Splunk adoption began at the grassroots level, with small network teams running log analysis and application management to streamline IT troubleshooting and operations. Once our leadership realized the full potential of Splunk, we broadly deployed Splunk ES to help ensure the success of a major PCI compliance initiative."
As a managed cloud provider, there are more than 10 areas of PCI security standards Rackspace must comply with to help ensure its internal infrastructure can host sensitive customer data. Rackspace selected the Splunk App for PCI Compliance for Splunk Enterprise over competitors and legacy solutions for the PCI compliance initiative because of the solution’s ability to scale, retain historical data and perform ad-hoc forensic searches. Rackspace analysts can now detect and respond to anomalous threat activity and recommend remediation steps in near realtime. Splunk collaborated with Kinney Group throughout the project for on-the-ground deployment and support services.
Moving forward, Rackspace will rely on the Splunk Machine Learning Toolkit to operationalize machine learning across IT, security and business operations throughout the company’s automated business processes.
"Organizations rely on Splunk ES to be their security nerve center, giving security analysts the ability to rapidly and automatically coordinate a security response once a threat is detected. This automation improves the overall security and compliance posture for customers and end-users, which is a paramount necessity as hackers continue to up their game," said Haiyan Song, senior vice president of security markets, Splunk. "At the heart of Rackspace’s PCI project was the desire to maintain compliance and improve operations. The project enabled broader Splunk adoption, extending the deployment beyond small IT or security teams and into a company-wide initiative, effectively extending a stronger security posture to its customers."