- Splunk Public Sector Vice President Bill Rowan announced that the Premier edition of his company’s Enterprise Security platform has achieved FedRAMP moderate authorization
- Rowan said the authorization indicates that ES Premier complies with security controls that ensure the protection of federal data
- ES Premier’s features include security information and event management; threat intelligence; detection engineering; and exposure analytics capabilities
The Premier edition of Splunk Enterprise Security, or ES Premier, has achieved moderate authorization under the Federal Risk and Authorization Management Program, according to Bill Rowan, vice president of the company’s public sector business and a four-time Wash100 Award winner.
“By bringing the advanced capabilities of ES Premier into the FedRAMP ecosystem, we are helping federal agencies stay ahead of adversaries while maintaining the highest standards of data integrity and security,” Rowan remarked in a blog he wrote on Thursday.
What Is Splunk Enterprise Security?
Splunk Enterprise Security is a threat detection, investigation and response platform, which comes in two editions: ES Essentials and ES Premier. Both feature integrated security information and event management; threat intelligence; detection engineering; and exposure analytics capabilities. But unlike Essentials, Premier also features security orchestration, automation and response; user entity and behavior analytics; and automated threat analytics capabilities.
Rowan described FedRAMP as “the gold standard for cloud security in the federal government” and gaining moderate authorization indicates that ES Premier “meets the stringent security controls required to protect federal data.”
What Are the Recent Efforts of Splunk Related to FedRAMP Moderate Authorization?
Earlier this month, Rowan announced that the company is opening access to its Edge Processor and some features of its Ingest Processor to eligible FedRAMP Moderate customers of the Amazon Web Service GovCloud. The products are designed to process an agency’s data before it leaves the organizational network and as it is received through the Splunk cloud. The expanded accessibility of Edge Processor and Ingest Processor is part of the company’s effort to support agencies’ operational and cyber resilience.


