Cisco Closes Splunk Acquisition and Closes the Gap with Palo Alto Networks, too

Today, Cisco completed its acquisition of Splunk, many months ahead of its initial estimates at the time of the deal announcement. Over the years, we have tracked Splunk’s exposure to Observability, SIEM, SOAR, and other reportable segments. What’s interesting is that on a pro-forma basis, when we add up Cisco security + Splunk security-related revenues, depending on the time frame involved, Cisco and Palo Alto are now neck-and-neck for the #1 spot in the overall security market for the categories we cover (there are >20 categories that we cover). Security has been a very important market for Cisco since the mid-1990s when it acquired firewall, gateway, and intrusion detection companies, and it has made many acquisitions and internal developments over the years. At $28B, the Splunk acquisition, of course, is Cisco’s largest security acquisition (and the largest in any category, based on the price paid) – and the effect is the vault Cisco right into an overall security market position of either being #1, tied for #1, or very close to #1.

Next quarter, we’ll formally calculate the exact splits because our allocation between Observability, SIEM, SOAR, and other segments is subject to change. Still, this acquisition changes the competitive landscape noticeably. You might say that Cisco got to this enviable position by acquiring, but remember, like Cisco, Palo Alto Networks also made many acquisitions several years ago to get exposure to some large and high-growth security market segments.