Automation will take huge bite off security officer’s plate by 2020
The security operations centers, or SOCs, in organizations are about to get some extra hands to help fight attacks — not from humans, though. Technologies that automate a big chunk of security tasks are gaining popularity, and they’re the best chance society has against the novel technology threat types barreling full speed ahead, according to Haiyan Song (pictured), senior vice president of security markets at Splunk Inc.
Splunk is investing heavily in new security automation technology parallel to the growing trend. By the year 2020, “We envision that 90 percent of the tier-one work that an SOC analyst would be doing will be automated,” Song said.
Splunk also envisions that by that time, there will be a single place for seeing what is happening and orchestrating a response; people will no longer have to go to 20 different places to figure out what’s going on. Splunk wants to be the vendor with the full stack of technologies to make this possible, according to Song. Its acquisition earlier this year of Phantom Cyber Inc., a leader in security orchestration, automation and response, is a big step in the right direction.
Song spoke with Dave Vellante (@dvellante) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf18 event in Lake Buena Vista, Florida. They discussed the future of security automation and how Splunk is fleshing out its security stack. (* Disclosure below.)
Stacking the odds in CSO’s favor
Automatically generated recommendations could cut a lot of time and confusion out of remediation. Splunk’s Data Fabric Search can provide a better signal-to-noise ratio with intelligent insights, according to Song.
“If we have responded to those types of incidents before, we actually would like to give you a recommendation — well, this is what happened before, this is what worked, and why don’t you think about this playbook, and automate this part?”
Customers like New York-Presbyterian Hospital began using Splunk for security but have found the platform comprehensive enough to help them track pharmaceuticals in the fight against the opiate epidemic, Song explained.
“There’s the data layer; there’s the analytics layer; there’s the operation layer. We want to be that company who can bring the full stack, make them work really well, but in the meantime, work well with other data, with other analytics, detection engines, and other ways to operate,” Song concluded.
(* Disclosure: TheCUBE is a paid media partner for Splunk .conf18. Neither Splunk Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)