David Casey, Flagstar’s Assistant VP & Security Operations Manager.Is In theCUBE

Rather than relying on staff to detect recognizable threats, Flagstar Bank is using Splunk Inc. products and plugins to exercise predictive analytics and address threats from within the security perimeter. The data management platform helped Flagstar build a more proactive security system, said David Casey, the bank’s Assistant VP, Security Operations Manager.

Casey shared a specific security methodology Flagstar uses, called “Block Mode.” Using real time data, Flagstar monitors traffic to and from different sources, including entire countries, using Splunk to watch for spikes that might send up red flags. Casey explained that this method can “kill traffic before it [gets] to the infrastructure, giving [the team] time to patch systems that were vulnerable to the bug.” With this system, Casey said Flagstar has been able “respond as fast as possible” and fix technology that they know is weak. In fact, Casey reported that his team was able to fix issues in less than two and a half hours after a threat was detected.

Splunk also helps Flagstar stay on budget, because eve as threats increase, resources are shrinking, said Casey. It’s why Flagstar relies on automated protection in addition to security staff members. So far, he said, Splunk has enabled him to show value to executives, so “they haven’t said no yet,” to his requests for new technology.

See Casey’s entire segment below.

 .