The Splunk® platform provides a proven, integrated and massively scalable data analytics platform that cuts across technology silos, providing real-time insights that can enable government agencies to take the fast, decisive actions necessary for efficient program delivery and success. With programs for accountability, transparency, and data protection, Splunk helps agencies ensure compliance and streamlines reporting, detects patterns and discovers malicious behavior and attacks not seen by signature and rule-based systems, including insider activity and fraud. Splunk software supports the Continuous Diagnostics and Mitigation (CDM) program to enhance and modernize the security posture for Federal Departments and Agencies (D/A).

Data Security

The Splunk® platform provides IT teams with an analytics-driven security solution to keep data safe. Organizations around the world use Splunk Enterprise Security as their security information event management (SIEM) solution for monitoring, advanced threat detection, forensics and incident response and a wide range of security analytics use cases. IT teams can leverage the Splunk® platform’s advanced security analytics capabilities through a variety of deployment options, including on-premises, in the cloud or as a hybrid model. The full suite of security-focused solutions allows users to adopt Splunk as a platform and a large partner ecosystem offers easy integration across heterogeneous ecosystems.

Security Monitoring

With end-to-end visibility and continuous, real-time monitoring across cloud, on-premises and hybrid services, the Splunk® platform helps IT teams strengthen their security posture and gain valuable insights across the entire organization. IT teams can use out-of-the-box or custom correlations, searches and visualizations of all data types to identify malicious activity, optimize threat detection and streamline incident response. Splunk Enterprise Security also helps organizations establish a historical baseline for audits and adhere to compliance requirements.

Fraud

The Splunk® platform helps agencies search, detect, investigate and visualize fraudulent behaviors and transactions to determine anomalies that typically slip through undetected. With Splunk, fraud teams can take appropriate action before fraudsters misuse or drain accounts and initiate varied and customizable remediations. Fraud teams can define fraud rules on wire transfers and card transactions to identify suspect activity, and can implement multiple velocity-based rules — such as geographic and merchant changes — to determine fraudulent transactions. The Splunk platform can also better identify anomalous behavior with clustering algorithms that consider multiple fields in transactions to identify outliers.


Advanced Threat Detection

The Splunk® platform helps organizations quickly identify and prevent security threats and protect data by providing a single view across all stages of a cyber attack. IT teams can easily correlate structured and unstructured data — from any data source — and set up rules and alerts to quickly identify and visualize threats. Through anomaly detection and machine learning, IT teams can detect unknown and advanced threats and determine whether anomalies are malicious or simply actionable. With the Splunk platform, security analysts can also apply advanced statistical analysis and machine learning techniques to detect outliers and anomalies in order to pinpoint key characteristics of different types of threats, for example insider threat vs. malware infection.

Compliance

The Splunk® platform helps agencies quickly gain real-time posture and insights across all IT resources and security controls to clear compliance, regardless of mandate or regulatory framework. With Splunk software, compliance teams gain real-time log and event data collection for centralized correlation and analysis, granular visibility and real-time insights on information assurance and adherence to controls, and custom metrics views and self reporting to make audits easier.

Cloud Monitoring

With full visibility across cloud and on-premises systems, the Splunk® platform eliminates silos and transforms machine-generated data into valuable insights to help make businesses more productive, profitable and secure. The Splunk® platform can help IT teams gain critical security, operational and cost management insights across entire AWS and hybrid environments, and Splunk delivers applications (pre-built dashboards, reports and analytics) for cloud solutions including AWS, Akamai, and ServiceNow.

Infrastructure Monitoring

The Splunk® platform helps organizations monitor and troubleshoot their mission-critical infrastructure and applications. Using Splunk software, IT teams can gain visibility into the entire technology stack to reduce mean-time-to-resolution (MTTR) and improve uptime and availability of applications and infrastructure. The Splunk platform is scalable, available and easy to deploy on-premises, in the cloud or a hybrid approach, and correlates data from multiple different sources.

AI and Machine Learning

The Splunk® platform uses artificial intelligence powered by machine learning to identify anomalies and patterns that can speed investigations and intelligence discovery. With Splunk software and machine learning, teams can reduce event clutter and support automated detection of insider threats and external attacks. Splunk also provides the Machine Learning Toolkit, a guided workbench where teams can create, test and deploy flexible models. The Splunk platform includes over 25 commonly used machine learning algorithms that can be applied directly to data for detection, alerting or analysis, all without ever leaving the Splunk platform.

Trust

COntract information

Agreement Number

5I-30401

Ordering Agencies

All Department of Energy and Prime Contractors

Primary Goods & Services

Juniper hardware, software, and support services

Delivery

Delivery 30 Days. FOB Delivery Order.

Term Start

December 10, 2014

Term End Date

December 9, 2019

Notes

All contract items must be TAA compliant.

Warranty Terms

Manufacturer Warranties

Contacts

BOA Program Manager

Stacey Holder

571.323-5706

stacey.holder@affigent.com

UChicago Argonne Contact

703.806-8237