Mark Seward, Senior Director of Security and Compliance Marketing with Splunk, talked with John Furrier and Dave Vellante at Splunk.conf 2013 in Las Vegas, covering the data management platform and various security issues.

Furrier started the interview by pointing out that a lot of people are using Seward’s product for security and compliance reasons, and asked the security angle for this conference.

“I’ve seen that liberating feeling coming over people. What is liberating is that they’re able to answer questions with what is usually considered to be exhaust gas in the business – the exhaust gas of data that comes out of the servers and applications,” said Seward. “Splunk makes all data secure and relevant, and that makes it unique.”

Asked what were some of the features of the product, Seward replied: “Splunk is trying to make data more accessible and more available to everyone.”

What security people want

“For the most part, people are using the data reactively. The data is the definitive record of all the human-to-machine and machine-to-machine interaction you got inside of your business and inside your agency; it’s the definitive record that you can put together in many ways the 5 W’s of Journalism: Who What Where When and Why – and that’s what security people really want to get as well, and it’s all inside of that data (either through data itself or through correlations amongst the data).”

Vellante wanted to debate a little more on the subject of data’s security relevance, asking if “Splunk is making a safer environment from a National Security standpoint.”

“It’s not that I sleep better because my customers have Splunk, but I’d like to think that,” smiled Seward. “When you take the supply chain for a nuclear reactor, what happens if there’s nothing wrong inside that reactor, but the water supplier is having a problem? Water is needed to cool down the reactor and that’s a potential threat to my being able to properly deal with the problem. I want to be able to take data from my ecosystems of suppliers, to be able to tell if I’m going to have a downstream or upstream problem or not. That’s making us safer in that respect.”

This is just one example of a ‘(if) you see these things (then) take this particular action’ scenario. “We have customers implementing us in that manner all the time.”

Taking the viewers through a series of case scenarios, Mark Seward managed to demonstrate successfully that “Splunk can act like the glue between a lot of different solutions that customers have on the security side.” As for its versatility, “it can act either as a catalyst, or a platform, as Splunk has the ability to talk to other parts of the infrastructure and automate responses.”