Splunk’s Path Towards Achieving FedRAMP Moderate Authorization for Splunk Observability

Splunk continues to partner with government agencies on their digital transformation journeys to help deliver their missions and provide faster and more intelligent services. We are committed to the success and support of the security requirements of our public sector customers, and I am thrilled to share the latest strategic investments Splunk is making to expand our FedRAMP program to include Splunk Observability Cloud for government customers. 

Splunk is proud to provide world-class solutions for government in the cloud and customer-managed environments. Splunk Cloud Platform, along with our award-winning Splunk Enterprise Security and Splunk IT Service Intelligence solutions, are foundational offerings for our government customers. Together, they empower customers to deliver resilient, secure outcomes. In 2019, Splunk Cloud Platform received authorization from the Federal Risk and Authorization Management Program (FedRAMP®) Program Management Office at the Moderate Impact level. Our continued investments led to the September 2021 announcement that the U.S. Defense Information Systems Agency (DISA) granted Splunk Cloud Platform U.S. Department of Defense (DoD) Impact Level 5 (IL5) Provisional Authorization (PA) for data, including national security systems.

Our team has achieved two significant milestones this year. In September we shared that Splunk Cloud Platform has achieved FedRAMP High authorization. In reaching the highest level of FedRAMP authorization, Splunk Cloud offers the entire spectrum of security standards necessary for all government agencies to modernize their strategies and adopt the cloud. Federal agencies and their partners can leverage Splunk Cloud Platform with FedRAMP High to help manage the government’s sensitive data and enhance security posture. In June, we shared Splunk’s commitment to state and local government and higher education by achieving an “Authorized” designation from the State Risk and Authorization Management Program (StateRAMP®). Splunk Cloud Platform is listed on the authorized products list. Finally, Splunk SOAR was added to FedRAMP Moderate in August 2024.

As our annual GovSummit event in Washington, DC approaches, we are excited to share that we plan are actively pursuing a FedRAMP Moderate authorized Splunk Observability Cloud offering. Splunk has achieved an “In Process” designation from the Federal Risk and Authorization Management Program (FedRAMP®) Program Management Office (PMO) as it works towards FedRAMP Moderate authorization for Splunk Observability.

Observability

Splunk Observability Cloud is a Software as a Service (SaaS) solution for infrastructure monitoring, application performance monitoring (Splunk APM), real user monitoring (Splunk RUM), and synthetic monitoring (Splunk Synthetic Monitoring). Splunk Observability Cloud also directly integrates logs ingested in Splunk Cloud Platform and Splunk Enterprise through Log Observer Connect. 

Splunk Observability Cloud is foundational in accelerating your digital service delivery based on human-centered design so services like SNAP benefits and housing vouchers, self-service tax processes, and student or veteran loans can be delivered to and processed by the public seamlessly, avoiding friction — and most importantly — saving the public time. It unlocks the ability to work backward from the digital experiences citizens have with public sector websites, capturing customer actions and the results of those actions, to more quickly find and solve problems as they are experienced, yielding happy citizens and increased public trust. Splunk Observability Cloud also helps you iteratively improve sites without the need to consistently ask citizens about their experiences. Through full-fidelity monitoring and troubleshooting across infrastructure, applications, and user interfaces, in real-time and at any scale, Splunk Observability Cloud helps you keep your services reliable, deliver great customer experiences, and innovate faster.

Splunk Observability Cloud helps you respond to outages and identify root causes, while also giving you the guidance you need to optimize performance and productivity going forward. You can select from over 200 supported open standards-based integrations with common data sources to get data from your on-premises and cloud infrastructure, applications and services, and user interfaces into Splunk Observability Cloud. When you send data from each layer of your environment, Splunk Observability Cloud transforms it into actionable insights in the form of dashboards, visualizations, alerts, and more. Public sector organizations can rely on Splunk for unified observability across metrics, logs, and traces for their mission-critical digital systems. 

“As government agencies accelerate their cloud transformations and migrate their critical applications to the cloud, Splunk Observability will help accelerate this transformation and meet our customers wherever they are in their transformation from on-prem to hybrid to cloud-native applications. Agencies must monitor their health, performance, applications and infrastructure to meet the increase in demand for citizen services, and Splunk is the trusted partner to help them achieve this. Splunk is committed to supporting the call to strengthen the cloud and cybersecurity capabilities of the federal government.” - Mala Pillutla, GVP Observability at Splunk

As a trusted federal partner with decades of experience, Splunk understands agency environments and the compliance challenges that our customers face. We will continue to enhance our capabilities to more securely store and process mission-critical information as we remain committed to our promise to create a digital world that is safer and more resilient. 

Want to learn more about our FedRAMP designation or secure cloud solutions? Contact us here.

^{This blog may contain forward-looking statements regarding future events, plans or the expected financial performance of our company, including our expectations regarding our products, technology, strategy, customers, markets, acquisitions and investments. These statements reflect management's current expectations, estimates and assumptions based on the information currently available to us. These forward-looking statements are not guarantees of future performance and involve significant risks, uncertainties and other factors that may cause our actual results, performance or achievements to be materially different from results, performance or achievements expressed or implied by the forward-looking statements contained in this blog.}

^{For additional information about factors that could cause actual results to differ materially from those described in the forward-looking statements made in this document, please refer to our periodic reports and other filings with the SEC, including the risk factors identified in our most recent quarterly reports on Form 10-Q and annual reports on Form 10-K, copies of which may be obtained by visiting the Splunk Investor Relations website at www.investors.splunk.com or the SEC's website at www.sec.gov. The forward-looking statements made in this blog are made as of the time and date of its drafting. If reviewed later in time, even if made available by us, on our website or otherwise, it may not contain current or accurate information. We disclaim any obligation to update or revise any forward-looking statement based on new information, future events or otherwise, except as required by applicable law.}

^{In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. We undertake no obligation either to develop the features or functionalities described, in beta or in preview (used interchangeably), or to include any such feature or functionality in a future release.}