David Casey, Flagstar Bank, at Splunk.conf 2014 with Jeff Kelly and Jeff Frick
@theCUBE
#splunkconf
Rather than relying on staff to detect recognizable threats, Flagstar Bank is using Splunk Inc. products and plugins to exercise predictive analytics and address threats from within the security perimeter. The data management platform helped Flagstar build a more proactive security system, said David Casey, the bank’s Assistant VP, Security Operations Manager.
Casey shared a specific security methodology Flagstar uses, called “Block Mode.” Using real time data, Flagstar monitors traffic to and from different sources, including entire countries, using Splunk to watch for spikes that might send up red flags. Casey explained that this method can “kill traffic before it [gets] to the infrastructure, giving [the team] time to patch systems that were vulnerable to the bug.” With this system, Casey said Flagstar has been able “respond as fast as possible” and fix technology that they know is weak. In fact, Casey reported that his team was able to fix issues in less than two and a half hours after a threat was detected.
Splunk also helps Flagstar stay on budget, because eve as threats increase, resources are shrinking, said Casey. It’s why Flagstar relies on automated protection in addition to security staff members. So far, he said, Splunk has enabled him to show value to executives, so “they haven’t said no yet,” to his requests for new technology.
See Casey’s entire segment below.
.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Splunk.conf 2014 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For Splunk.conf 2014 | Las Vegas
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for Splunk.conf 2014 | Las Vegas.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Splunk.conf 2014 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to Splunk.conf 2014 | Las Vegas
Please sign in with LinkedIn to continue to Splunk.conf 2014 | Las Vegas. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
David Casey, Flagstar Bank | Splunk .conf2014
David Casey, Flagstar Bank, at Splunk.conf 2014 with Jeff Kelly and Jeff Frick
@theCUBE
#splunkconf
Rather than relying on staff to detect recognizable threats, Flagstar Bank is using Splunk Inc. products and plugins to exercise predictive analytics and address threats from within the security perimeter. The data management platform helped Flagstar build a more proactive security system, said David Casey, the bank’s Assistant VP, Security Operations Manager.
Casey shared a specific security methodology Flagstar uses, called “Block Mode.” Using real time data, Flagstar monitors traffic to and from different sources, including entire countries, using Splunk to watch for spikes that might send up red flags. Casey explained that this method can “kill traffic before it [gets] to the infrastructure, giving [the team] time to patch systems that were vulnerable to the bug.” With this system, Casey said Flagstar has been able “respond as fast as possible” and fix technology that they know is weak. In fact, Casey reported that his team was able to fix issues in less than two and a half hours after a threat was detected.
Splunk also helps Flagstar stay on budget, because eve as threats increase, resources are shrinking, said Casey. It’s why Flagstar relies on automated protection in addition to security staff members. So far, he said, Splunk has enabled him to show value to executives, so “they haven’t said no yet,” to his requests for new technology.
See Casey’s entire segment below.
.
