Security giant Symantec has sealed up a partnership with big-data upstart Splunk that will see its large-scale data analysis tools used to power Symantec's ongoing security intelligence operations.
The incorporation of Splunk Enterprise 6 will give Symantec a real-time view of the security events flowing through its environment, providing a security investigation platform that will be used to ensure compliance with data-management part of regulations such as Sarbanes-Oxley and the Payment Card Industry Data Security Standard (PCI DSS).
The use of the technology internally will be mirrored by its use within Symantec's security-intelligence offerings, boosting the company's ability to trawl through the mountain of data it collects every day about the Internet threat environment.
"With today's threat landscape, it's critical that we react quickly to identify and respond to any type of threat, especially advanced threats that continue to increase in complexity," said Symantec CSO Julie Talbot-Hubbard in a statement.
"Our efforts, in combination with Splunk software, demonstrate that we are implementing best practices to not only protect our customers and partners, but also help with addressing critical customer problems."
The use of increasingly capable security analysis tools is being widely pegged as being of major importance heading forward, as companies bolster their defences against insidious advanced persistent threats (APTs) that have been honed to quietly slip beneath traditional signature-based defences.
Splunk's App for Enterprise Security targets statistical analysis of HTTP traffic to help CSOs baseline normal behaviour and quickly note aberrations from that behaviour. It's part of a platform that has grown quickly in popularity as the emerging field known as security intelligence continues to gain momentum.
Research firm Research and Markets recently pegged the security analytics market as growing at a compound annual growth rate of 10.4 per cent from 2013 to 2018, when expenditure on the tools will have grown from $US1.96 billion to be worth some $US3.22 billion. If Symantec's investment in Splunk is any indication, much of this will be driven by security firms adding the analytics capabilities to both their internal security capability and their managed security services.