Oliver Friedrichs, VP of Security Products, Splunk, sits down with Jeff Frick at RSAC USA 2020 in San Francisco, CA.
#RSAC #Splunk #theCUBE @SiliconANGLE theCUBE @RSA Conference
https://siliconangle.com/2020/03/02/splunk-leverages-automation-security-solutions-integrates-vendors-rsac/
Splunk leverages automation in security solutions, integrates vendors
BY SILVIA FREGONI
Time is a key element in preventing and responding to cybersecurity threats within an enterprise. To make the most of the security teams’ time, data analysis company Splunk Inc. has been leveraging automation to enhance its enterprise security solutions.
Built on the strengths of Phantom Cyber Inc., bought by Splunk in 2018, the Security Orchestration Automation and Response, or SOAR, technology enables the automation of much work that security analysts would perform manually.
“Typically, if analysts are looking at an event, it would take them 10 minutes best case, 11 hours worst case to analyze that and do all the work that they need to triage it,” said Oliver Friedrichs (pictured), vice president of security products at Splunk. “By automating, we are able to reduce that to a best case of a second and worst case of 10 minutes.”
Friedrichs spoke with Jeff Frick, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the role of automation in contemporary security solutions and how the increasing use of automation also by attackers can create a “robot war.”
Automation helps free up security analyst time
Automation targets many routine tasks to free up analysts to perform more proactive, higher-order activities, according to Friedrichs. “Things that actually require human thought versus the repetitive work,” he said.
But it is not just about replacing the daily tasks of analysts. For example, SOAR has become multipurpose and today integrates over 300 security vendors to allow for total security orchestration, automation and response.
“The typical large enterprise has maybe 60, 70 security products that they are all managing from a browser tab or a different log in,” Friedrichs said. “What SOAR platforms do is to tie those together and allow you to manage those products very rapidly in the case of an event.”
While automation is being effectively used in today’s security solutions, it’s important to remember that cyberattackers are also increasingly using automation, according to Friedrichs.
“We’re just starting to catch it up and use it effectively to defend ourselves; it will be very interesting to see where it goes,” he said. “Maybe one year from here we will have robot wars and then technologies battling each other to see who wins.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference NA 2020 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference NA 2020 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSA Conference NA 2020 | San Francisco
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSA Conference NA 2020 | San Francisco.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSA Conference NA 2020 | San Francisco. If you don’t think you received an email check your
spam folder.
Sign in to RSA Conference NA 2020 | San Francisco.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSA Conference NA 2020 | San Francisco
Please sign in with LinkedIn to continue to RSA Conference NA 2020 | San Francisco. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Oliver Friedrichs, Splunk | RSAC USA 2020
Oliver Friedrichs, VP of Security Products, Splunk, sits down with Jeff Frick at RSAC USA 2020 in San Francisco, CA.
#RSAC #Splunk #theCUBE @SiliconANGLE theCUBE @RSA Conference
https://siliconangle.com/2020/03/02/splunk-leverages-automation-security-solutions-integrates-vendors-rsac/
Splunk leverages automation in security solutions, integrates vendors
BY SILVIA FREGONI
Time is a key element in preventing and responding to cybersecurity threats within an enterprise. To make the most of the security teams’ time, data analysis company Splunk Inc. has been leveraging automation to enhance its enterprise security solutions.
Built on the strengths of Phantom Cyber Inc., bought by Splunk in 2018, the Security Orchestration Automation and Response, or SOAR, technology enables the automation of much work that security analysts would perform manually.
“Typically, if analysts are looking at an event, it would take them 10 minutes best case, 11 hours worst case to analyze that and do all the work that they need to triage it,” said Oliver Friedrichs (pictured), vice president of security products at Splunk. “By automating, we are able to reduce that to a best case of a second and worst case of 10 minutes.”
Friedrichs spoke with Jeff Frick, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the role of automation in contemporary security solutions and how the increasing use of automation also by attackers can create a “robot war.”
Automation helps free up security analyst time
Automation targets many routine tasks to free up analysts to perform more proactive, higher-order activities, according to Friedrichs. “Things that actually require human thought versus the repetitive work,” he said.
But it is not just about replacing the daily tasks of analysts. For example, SOAR has become multipurpose and today integrates over 300 security vendors to allow for total security orchestration, automation and response.
“The typical large enterprise has maybe 60, 70 security products that they are all managing from a browser tab or a different log in,” Friedrichs said. “What SOAR platforms do is to tie those together and allow you to manage those products very rapidly in the case of an event.”
While automation is being effectively used in today’s security solutions, it’s important to remember that cyberattackers are also increasingly using automation, according to Friedrichs.
“We’re just starting to catch it up and use it effectively to defend ourselves; it will be very interesting to see where it goes,” he said. “Maybe one year from here we will have robot wars and then technologies battling each other to see who wins.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference.
