We are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer-managed deployments and FedRAMP Moderate environments. Splunk empowers security operations centers (SOCs) to strengthen their digital resilience with increased visibility, more accurate detections, and tightly integrated, automated workflows delivered through a unified SecOps platform that increases efficiency by 50%.
Highlights include:
- Splunk SOAR on-premises customers can seamlessly integrate with Splunk Enterprise Security. This enables enhanced deployment options so that both on-premises and cloud customers have a completely integrated workflow experience for case management, alert triage, incident investigation, and incident response use cases.
- Splunk Enterprise Security administrators are now able to pair Splunk Enterprise Security and Splunk SOAR in secure FedRAMP environments.
- Threat Intelligence Management tenants will be provisioned for and delivered to Splunk Enterprise Security on-premises customers between August 2025 and August 2026, with instructions for requesting access posted in the Enterprise Security documentation on 1 August 2025. (On-premises customers are not required to obtain a Threat Intelligence Management cloud tenant if they prefer not to.) Analysts will be able to fully investigate security events by accessing relevant and normalized intelligence to better understand threat context and accelerate time to triage. They can manage security events and leverage threat intelligence feeds directly within Splunk Enterprise Security without pivoting to other tools, ultimately reducing time to investigate.
- Enhancements to Finding-Based Detections (Available in Preview with Splunk Enterprise Security 8.1).
Upgrade today to Splunk Enterprise Security 8.1!