Splunk has released a plug-in integrating its Enterprise Security platform with the Australian Signals Directorate's Cyber Threat Intelligence Sharing platform, becoming the second vendor to offer the integration.

The plug-in allows Splunk Enterprise Security customers who are CTIS community partners to share and receive cyber threat intelligence data automatically.

CTIS became mandatory for Australian federal government agencies in July 2025. The two-way sharing platform enables government and industry partners to exchange information about malicious cyber activity.

"No person, organisation or entity is immune from a cyber-attack, but through closer partnerships between governments and the private sector we can collectively join forces," said Stephanie Crowe, head of ASD's Australian Cyber Security Centre.

The plug-in is available to both federal agencies required to use CTIS and private sector organisations, including critical infrastructure operators.

Splunk claims the integration provides "unified workflows, contextual threat intelligence and automation" to improve security operations and compliance readiness.

Separately, Splunk announced its Observability Cloud has achieved an IRAP PROTECTED assessment, its 20th IRAP-assessed offering. The assessment provides government agencies assurance the platform meets security and compliance standards for handling protected-level data.

Marc Caltabiano, group vice president for Australia and New Zealand at Splunk, cited company research claiming only 3% of Australian organisations have reached mature cyber readiness levels. Splunk also claims unplanned downtime costs the Australian economy $A86billion annually.

https://www.splunk.com