Cisco to Acquire Splunk in $28B Deal in Bid to Boost Observability, Security

Networking giant Cisco announced plans today to acquire cybersecurity and observability leader Splunk in a massive $28 billion deal. The acquisition aims to unite the two companies' complementary capabilities in security, observability, and cloud monitoring to better protect organizations against modern threats.

Under the terms of the agreement, Cisco will pay $157 per share for all outstanding shares of Splunk stock. If approved, it will be one of the largest acquisitions ever for Cisco.

Cisco said combining Splunk's security strengths with its portfolio will provide more comprehensive coverage across devices, applications, and cloud environments for customers. 

Cisco-Splunk-deal-overview_0

Splunk has been steadily building out its portfolio of observability capabilities over its two-decade history. At the company's recent .conf23 event, Splunk refreshed its entire product platform with updated IT operations observability, security, and artificial intelligence innovations.

Cisco is no stranger to observability either, acquiring multiple observability companies in recent years, including AppDynamics for $3.7 billion in 2017 and ThousandEyes in 2020 for $1 billion.

"With Splunk's leading platform for security and observability, it's going to strengthen and accelerate our ability to bring more innovation to our customers," Cisco CEO Chuck Robbins said on a call with financial analysts announcing the deal. "Our combined capabilities will create an end-to-end data platform to enhance digital resiliency."

Related:Splunk State of Observability 2023 Research Reveals Fewer Outages

How Cisco-Splunk Combination Will Improve Observability

Robbins said that once the deal closes the combined platform will go beyond what the two companies were already doing on their own.

Robbins-Cisco

For example, Splunk's security capabilities complement Cisco's existing security portfolio very well, Robbins said. By integrating Cisco's extended detection and response platform and Splunk's security information and event management (SIEM) offering, the combined company will be able to help customers move from threat detection and response to threat prediction and prevention, he noted.

"In terms of observability, our complementary capabilities will offer observability for the full IT stack from the application to the network across hybrid and multicloud environments," Robbins said.

Cisco Product Overlaps with Splunk Is Not a Concern

During the investor call, analysts asked about the risk of potential overlap across the existing Cisco and Splunk portfolios.

Robbins said the overlap isn't a concern. He noted that the insights available through Cisco AppDynamics and ThousandEyes are different from what Splunk offers. Cisco's technologies today largely focus on network visibility. In his view, when Cisco combines the data it has in its existing platforms with the data in the platform that Splunk has, the combined offers will deliver the greatest number of insights to organizations about what's going on in their technology infrastructure.

Related:SolarWinds IT Trends Report Reveals Observability Advancing Automation

Splunk's CEO Gary Steele is also not concerned about overlap and is particularly enthusiastic about the new market reach Cisco will bring.

"I'm super excited about the go-to-market opportunities, specifically. If you look at our business today, we're roughly two-thirds domestic and one-third international," Steele said on the investor call. "If you think about the power of Cisco's broad footprint around the globe, it gives us a tremendous opportunity to get to market that, frankly, we're just not touching today."