Acquisitions

Cisco announces intent to acquire SnapAttack

Helping Cisco’s Splunk accelerate its existing organic “detection-as-code” capabilities and expanding its roadmap with new initiatives and incremental innovation, delivering differentiated capabilities to help organizations power the Security Operations Center (SOC) of the future.

Overview

SAN JOSE, Calif. – December 16, 2024 – Cisco (NASDAQ: CSCO)

Today, Cisco announced the intent to acquire SnapAttack, a privately held company headquartered in Arlington, VA that offers a threat detection and engineering platform.  

At a time when organizations around the world need to build digital resilience more than ever, SnapAttack will provide critical threat detection and engineering (TD/E) technology, intellectual property, and expertise to help Cisco’s Splunk further accelerate its organic threat detection content and engineering roadmap.   

SnapAttack's complete TD/E management lifecycle solution provides security analysts with the ability to continuously assess, organize and optimize their security content, streamlining the research, writing, validation and deployment of threat detections across their technology estate. 

Moreover, SnapAttack helps a growing number of customers that are migrating over to Splunk Enterprise Security from competing solutions to easily adapt, deploy and validate their existing security content onto Splunk, and modernize their SIEM with a simple and seamless TD/E solution.   

SnapAttack is led by strong technical leaders with deep domain expertise. SnapAttack represents a unique opportunity to acquire a strong threat detection and engineering-centric team to further augment Cisco and Splunk’s existing engineering talent.  

FAQs

Q: What is Cisco announcing? 

A: Cisco is announcing the intent to acquire SnapAttack, a privately held company based in Arlington, VA that offers a threat detection and engineering platform, providing critical technology, intellectual property, and expertise to help Splunk further accelerate its organic “detection-as-code" roadmap. 

Q: Why did Cisco choose SnapAttack? 

SnapAttack will help Cisco’s Splunk accelerate its existing organic “detection-as-code” roadmap and expand its roadmap with new initiatives and incremental, competitively differentiated new features. Acceleration areas include:

  • Enhanced detection engineering experience: Ensure defenders have access to market leading capabilities such as: (1) detection content discovery, (2) detection authoring and lifecycle management, (3) continuous detection validation, (4) AI/ML for both detection content and additional use cases like detection translations (to diligence further).

  • Continue to delight existing customers: Critical to protect and expand our base by rapidly delivering enhanced threat detection and engineering features that will address common customer requests while reinforcing Splunk as an innovator.

  • Win New Customers: This feature set has the potential to sway customers that are on the fence about the value of Splunk Enterprise Security (ES) as well as those with existing alternate third-party solutions, given its ability to optimize across all existing SecOps tooling. 

Q: Why is now the right time to acquire SnapAttack?  

A: As organizations face an ever-evolving threat landscape, they must deploy proactive threat management within their SOC. Cisco’s Splunk is currently building these capabilities into its market-leading SIEM, Splunk ES.  With SnapAttack, it will accelerate and expand its “detection-engineering” roadmap efforts that are critical to helping organizations power the SOC of the future. 

Customer & Partners

SnapAttack Customers and Partners:

If you are an existing customer or partner of SnapAttack and have questions about your product or service, please continue to contact your existing SnapAttack representative.

Cisco Customers and Partners:

If you are an existing customer or partner of Cisco and have questions about your product or services, please continue to contact your existing Cisco representative.

Customer Experience

Current SnapAttack customers and partners should continue to contact SnapAttack for support on their products, and to renew their service support contracts. Any changes to the processes will be communicated with ample time.

Cisco customers should continue to use the Cisco Technical Assistance Center (TAC) for technical support on Cisco products. For more information about opening a technical support case and for regional TAC telephone numbers, refer to Cisco Worldwide Support Contacts.

Better Together

SnapAttack will support and accelerate Cisco’s vision to reimagine digital resilience and the SOC of the Future with Splunk.