Naval Information Warfare Systems Command (NAVWAR) enterprise recently announced that Splunk is the winner of its third prize challenge in the Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC) Challenge series.
The prize challenge, managed by Program Executive Office for Command, Control, Communications, Computers and Intelligence (PEO C4I) and Space Systems’ Cybersecurity Program Office (PMW 130), looked to enhance the Security Operations Center (SOC) using artificial intelligence (AI) and machine learning (ML) tools to automate the detection and prevention of advanced persistent threats and other cybersecurity campaign activity.
Current SOC procedures require a tremendous amount of time and effort to triage alerts, link related logs, perform incident response, and document investigations. Through this AI ATAC Prize Challenge, PMW 130 solicited security orchestration and automated response (SOAR) tools that use AI and/or ML to enhance SOC effectiveness for competitive evaluation. NAVWAR and PEO C4I and Space Systems sponsored this prize challenge to gather insight and participation from nontraditional defense vendors, teams, and individuals.
PMW 130 has partnered with Oak Ridge National Laboratory, a Department of Energy laboratory in Tennessee, to provide their Cybersecurity Operations Research Range facility and their expertise for evaluating the technical solutions. John T. Armantrout, PMW 130 program manager, was looking for SOAR to perform orchestration and automation pieces — coordinated responses to solve problems, with minimal or no human oversight for each incident.
"If the tool can detect more quickly using AI or ML, or is smart enough to categorize an issue as benign or malicious without supervision, then the analyst’s abilities are enhanced and the systems are safer."
— John T. Armantrout, PMW 130 Program Manager
This challenge measured the performance of these tools against specific SOAR capability criteria to determine how well they would improve U.S. Navy SOCs across the world. More than 50 technical Navy personnel of varying technical ability, located all around the world, participated in the evaluation of the implemented instances of Splunk SOAR.
Scoring was based on each tool’s ability to rank alerts, ingest data, facilitate playbook creation and execution, automate ticket population and common tasks, and facilitate communication between potentially geographically separated SOCs. Splunk’s winning submission was given the highest cumulative score across all of these areas.
"It is an immense honor to receive this award from the U.S. Navy on Splunk's SOAR offering. At Splunk, we are heavily invested in supporting agencies worldwide in leveraging technology to complete their missions. Being chosen by an independent panel for our ability to meet the critical needs of the U.S. Navy further validates Splunk as a strategic partner in helping secure our nation's cybersecurity posture."
— Teresa Carlson, President and Chief Growth Officer, Splunk
This was the third AI ATAC prize challenge conducted by NAVWAR enterprise. The first challenge explored the capability for endpoint security products to incorporate AI and ML models to detect and defeat indicators of compromise, while the second focused on AI and ML technologies that detect adversarial campaigns by monitoring network observable behaviors or by analysis of data collected across an enterprise.
Visit our public sector website to learn more about how Splunk SOAR can empower your SOC to investigate and respond to incidents in seconds, streamlining operations and increasing productivity.
Please contact your Splunk sales representative to begin your journey.