Splunk Highlights Security Alliances, Importance of Data to Digital Transformation
SPLUNK WORLDWIDE USERS’ CONFERENCE — “Every business is an IT business — IT is the business,” said Splunk chief technology advocate Andi Mann, opening Day 2 of .conf16 with a call to action for attendees to stop keying in on one application or infrastructure element and focus on unified services as the route to digital transformation.
Mann says that focus demands end-to-end visibility into data and encouraged download of the free, seven-day online sandbox of the Splunk ITSI machine learning tool. Splunk announced ITSI 2.4 yesterday.
“You can evolve,” said Mann. “We’ve got you.”
The problem with wider access to data is that it becomes a target for attackers. Much of the Day 2 programming was focused on security, which now represents 40 percent of Splunk’s business and is clearly seen as a growth opportunity.
“Digital insights have provided fertile ground for a dark economy,” said Haiyan Song, SVP of security markets. Song was joined on stage by Mike Stone, CIO of the U.K.’s Ministry of Defence, who said his agency is moving to what he calls “Defense as a Platform” — an ecosystem with a single information environment, accessible with one sign on.
“We are embarked on one hell of an ambitious journey,” said Song. “Absolutely central to that is the security fabric.”
Stone’s speaking role emphasized the global nature of the conference, with many press and attendees traveling from EMEA.{ad}
“We absolutely want to exploit the gold dust,” said Stone of the masses of data generated by assets from satellites to troops on the ground.
Tuesday’s product announcement was around the expansion of Splunk’s Adaptive Response Initiative. The alliance, announced earlier this year, had Carbon Black, CyberArk, Fortinet, Palo Alto Networks, ThreatConnect and Ziften among its founding members. Song announced today the addition of 11 additional security providers, including Cisco, CrowdStrike, ForeScout, Okta, Proofpoint, Qualys and Symantec, bringing the total membership to 20, including Splunk.
Monzy Merza, director of cyber research and chief evangelist, dug deeper into how the Splunk Enterprise Security SIEM product, combined with Adaptive Response and User Behavior Analytics, can help customers and partners make better use of scarce talent via automation and visualization, while providing faster and better threat detection, remediation and investigations.
Splunk Enterprise Security 4.5, Splunk User Behavior Analytics 3.0 and version 3 of the UBA product will be available Oct. 31.
Merza says the ES and UBA products can …
{vpipagebreak}
… augment or replace other SIEMs. “One banking customer is collecting over 100 different feeds,” he said.
In statements, Cisco and Symantec confirmed their commitments to the Splunk relationship.
“Cisco is pleased to expand our collaboration with Splunk by coupling our integrated threat defense portfolio with Adaptive Response,” said Jeff Samuels, Cisco vice president of security marketing. “To defend against aggressive adversaries, we must streamline remediation by making security simple, open and automated.”
Symantec also weighed in, saying efficiency is important, as we see a widening skills shortage in IT security, a problem also affecting the channel.
“Splunk Adaptive Response has the power to help reduce workload on customer SOC teams by speeding up decision making and associated actions through automation,” said Peter Doggart, Symantec’s vice president of Blue Coat business development.
The basis of Splunk’s ease of use proposition is machine learning, technology that Gartner’s recent “hype cycle” says is two to five years away from going mainstream. Splunk, and the U.K. Ministry’s Stone, disagree.
“Machine data is absolutely key to digital transformation,” said Splunk president and CEO Doug Merritt in Monday’s keynote. Stone told attendees that the constraint today is not technology, it’s creativity.
“Dare to imagine,” he said.
Follow editor in chief Lorna Garey on Twitter.
