Haiyan Song, Senior Vice President and General Manager, Security Markets, Splunk | @SplunkHaiyan sits down with Dave Vellante, @dvellante & Stu Miniman, @stu at Splunk .conf2018 in Orlando, FL.
#Splunk #Splunkconf18 #theCUBE
https://siliconangle.com/2018/10/08/automation-will-take-huge-bite-off-security-officers-plate-by-2020-splunkconf18/
Automation will take huge bite off security officer’s plate by 2020
The security operations centers, or SOCs, in organizations are about to get some extra hands to help fight attacks — not from humans, though. Technologies that automate a big chunk of security tasks are gaining popularity, and they’re the best chance society has against the novel technology threat types barreling full speed ahead, according to Haiyan Song (pictured), senior vice president of security markets at Splunk Inc.
Splunk is investing heavily in new security automation technology parallel to the growing trend. By the year 2020, “We envision that 90 percent of the tier-one work that an SOC analyst would be doing will be automated,” Song said.
Splunk also envisions that by that time, there will be a single place for seeing what is happening and orchestrating a response; people will no longer have to go to 20 different places to figure out what’s going on. Splunk wants to be the vendor with the full stack of technologies to make this possible, according to Song. It’s acquisition of Phantom Cyber Inc., a leader in security orchestration, automation and response, earlier this year, is a big step in the right direction.
Song spoke with Dave Vellante (@dvellante) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf18 event in Lake Buena Vista, Florida. They discussed the future of security automation and how Splunk is fleshing out its security stack. (* Disclosure below.)
Stacking the odds in CSO’s favor
Automatically generated recommendations could cut a lot of time and confusion out of remediation. Splunk’s Data Fabric Search can provide a better signal-to-noise ratio with intelligent insights, according to Song.
“If we have responded to those types of incidents before, we actually would like to give you a recommendation — well, this is what happened before, this is what worked, and why don’t you think about this playbook, and automate this part?”
Customers like New York-Presbyterian Hospital began using Splunk for security but have found the platform comprehensive enough to help them track pharmaceuticals in the fight on the opiate epidemic, Song explained.
“There’s the data layer; there’s the analytics layer; there’s the operation layer. We want to be that company who can bring the full stack, make them work really well, but in the meantime, work well with other data, with other analytics, detection engines, and other ways to operate,” Song concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Splunk .conf18 event. (* Disclosure: TheCUBE is a paid media partner for Splunk .conf18. Neither Splunk Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Splunk .conf18. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For Splunk .conf18
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for Splunk .conf18.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Splunk .conf18. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to Splunk .conf18
Please sign in with LinkedIn to continue to Splunk .conf18. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Haiyan Song, Splunk | Splunk .conf18
Haiyan Song, Senior Vice President and General Manager, Security Markets, Splunk | @SplunkHaiyan sits down with Dave Vellante, @dvellante & Stu Miniman, @stu at Splunk .conf2018 in Orlando, FL.
#Splunk #Splunkconf18 #theCUBE
https://siliconangle.com/2018/10/08/automation-will-take-huge-bite-off-security-officers-plate-by-2020-splunkconf18/
Automation will take huge bite off security officer’s plate by 2020
The security operations centers, or SOCs, in organizations are about to get some extra hands to help fight attacks — not from humans, though. Technologies that automate a big chunk of security tasks are gaining popularity, and they’re the best chance society has against the novel technology threat types barreling full speed ahead, according to Haiyan Song (pictured), senior vice president of security markets at Splunk Inc.
Splunk is investing heavily in new security automation technology parallel to the growing trend. By the year 2020, “We envision that 90 percent of the tier-one work that an SOC analyst would be doing will be automated,” Song said.
Splunk also envisions that by that time, there will be a single place for seeing what is happening and orchestrating a response; people will no longer have to go to 20 different places to figure out what’s going on. Splunk wants to be the vendor with the full stack of technologies to make this possible, according to Song. It’s acquisition of Phantom Cyber Inc., a leader in security orchestration, automation and response, earlier this year, is a big step in the right direction.
Song spoke with Dave Vellante (@dvellante) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf18 event in Lake Buena Vista, Florida. They discussed the future of security automation and how Splunk is fleshing out its security stack. (* Disclosure below.)
Stacking the odds in CSO’s favor
Automatically generated recommendations could cut a lot of time and confusion out of remediation. Splunk’s Data Fabric Search can provide a better signal-to-noise ratio with intelligent insights, according to Song.
“If we have responded to those types of incidents before, we actually would like to give you a recommendation — well, this is what happened before, this is what worked, and why don’t you think about this playbook, and automate this part?”
Customers like New York-Presbyterian Hospital began using Splunk for security but have found the platform comprehensive enough to help them track pharmaceuticals in the fight on the opiate epidemic, Song explained.
“There’s the data layer; there’s the analytics layer; there’s the operation layer. We want to be that company who can bring the full stack, make them work really well, but in the meantime, work well with other data, with other analytics, detection engines, and other ways to operate,” Song concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Splunk .conf18 event. (* Disclosure: TheCUBE is a paid media partner for Splunk .conf18. Neither Splunk Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
