As networks and storage access forms diversify, the organizations responsible for providing security to those many forms are finding a need for toolsets that can be easily adapted to meet individual needs while retaining interoperability and ease of communication.

At this year’s Splunk.conf event, Duane Waddle, security engineer at Defense Point Security LLC, and Mike Fluharty, VP of Security Engineering and Architecture at Defense Point Security, joined John Walls (@JohnWalls21) and John Furrier (@furrier), cohosts of theCUBE, from the SiliconANGLE Media team, to talk about Splunk’s uses for its work and the increasing need for flexibility in its security responses.

More than tools

Early on, Fluharty helped lay out the mindset behind Defense Point Security’s usage of Splunk.

“In general, the idea is … if you have a tool that can go do a business context and a business use-case, that business use-case is what you can drive security through,” he explained. “So we wholeheartedly believe in Splunk as a tool for everyone and the ability to aggregate all of this data and make intelligent decisions off of that. That’s the reason why we are so invested in the toolset itself.”

He continued: “Security tools can’t just be security tools anymore. There’s no time for just a sim; there has to be a sim and a way to go build business intelligence out of things.”

Working for the customers

Fluharty also touched on Splunk’s neutrality in the context of how Defense Point Security brings its services to the company’s customers. “We’re not reselling a product, so therefore we can make the best decisions for the company.”

That ease of adjustment also applies to scaling, as Waddle explained: “We’ve got customers who do Splunk in the very large, multi-terabytes a day, and it’s kind of driving their whole security operations. And then we have some who, frankly, they’re very small and trying to come up with being able to do those same techniques without necessarily having the ability to deploy a whole team of people to do Splunk.”

He added: “And it can be a challenge, just because any tool you invest in, you’ve got to have a certain amount of people to also support that tool.”

Security tools

Moving through a quick discussion of how Defense Point Security handles securing attack vectors, Fluharty addressed the versatility of Splunk’s tools in its work: “The idea is to build a toolset that has business relevance, and that we can actually take and go make into something that has security expertise individuals to go get that in there.”

But as many situations as it has been able to handle with Splunk so far, Fluharty recognized that Defense Point Security eventually needs to take a step back and consider how to refit its whole approach. “Technology is innately a thing where, every five years, you need to rethink on how you’re doing things,” he said. “Big Data analytics may or may not be the end of that paradigm. The idea of being able to take data … and being able to basically munch that into things that are necessary for different operational units is really where the industry’s going.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of Splunk.conf 2016.

Photo by SiliconANGLE