Customers turn to Splunk to understand and improve their security posture. We practice what we preach. We are dedicated to keeping your data secure and private. We are committed to adhering to global and industry compliance initiatives. We prepare for incidents, and we help you prepare, respond to, and remediate the consequences of any incidents. To learn about how Splunk keeps your data secure and private in its offerings, how it deploys Security by Design particularly in hosted services, and our policies visit Splunk Protects.
If you discover a security vulnerability in a Splunk product or service, we want to hear it.
If you’re a Splunk Customer, go to the Support Portal and submit a New Case. If you already submitted through Support, we’ll be in touch with you through the Case.
To report a vulnerability via the Splunk Vulnerability Disclosure Program on Intigriti, please submit your report using the following link: Splunk Vulnerability Disclosure Program
If you choose not to register on the Intigriti platform, you may contact us by email at prodsec@splunk.com. A Splunk PSIRT representative will respond within two business days of receiving your communication.
By submitting your report, you agree to the Splunk Website Terms & Conditions of Use.
NOTE:
Pentesting or scanning of any Splunk Cloud product is strictly prohibited under Splunk’s Acceptable Use Policy and Terms & Conditions.