To that end, Splunk introduced something it calls “Glass Tables” that allows Splunk administrators to customize their views of the data and pivot from one data point to another without needing to master the Splunk Processing Language (SPL).
Splunk phantom cybersecure software#
To address this growing shortage, Splunk is intent on making its software more intuitive so its users can be more productive. According to ESG research, 46% of organizations have a “problematic shortage” of cybersecurity skills in 2016. Simplify security analytics and operations with intuitive tools. Splunk declared that its goal is to marry machine learning with enterprise scale, and judging from some of my meetings it is hiring resources to make this vision a reality.ģ.
Yes, machine learning is still an immature area but Splunk is jumping in with both feet by adding “data scientists in a box” that allow security professionals to change threat investigations or risk management tasks without having to twiddle bits in machine learning algorithms. Fast forward to 2016 and Splunk is adding machine learning capabilities to its core platforms including ITSM and security. An enterprise-class commitment to machine learning. Splunk gained machine learning capabilities with its 2015 acquisition of Caspida for UBA, but this is a separate product for a specific use case. For now, Splunk doesn’t see itself as an IR automation and orchestration platform for complex enterprise environments (in fact, Phantom and ServiceNow were both exhibiting at the event) but it does want to use its position and market power to make IR connections, data flows, and tasks easier and more effective for security and IT personnel alike.Ģ. It now wants to extend this position from analytics to incident response by building IR capabilities into its own software and extending this architecture to partners through APIs, workflows, and automation. Splunk often acts as a security nexus for its customers, integrating disparate data into a common platform. An ecosystem and architecture for incident response. To that end, Splunk really highlighted three enhancements for its enterprise security product:ġ. Given the state of the cybersecurity market, Splunk wants to work with existing customers and get new ones to join in to build on this financial and market success. Not surprisingly then, security now represents around 40% of Splunk’s revenue. Since I started watching Splunk years ago, the company climbed from a freemium log management and query tool for IT and security nerds to one of the leading security analytics and operations platform.
I attended the Splunk user conference earlier last week (Conf2016) and came away pretty impressed.
0 kommentar(er)
