UPDATED 14:15 EST / OCTOBER 08 2018


Automation will take huge bite off security officer’s plate by 2020

The security operations centers, or SOCs, in organizations are about to get some extra hands to help fight attacks — not from humans, though. Technologies that automate a big chunk of security tasks are gaining popularity, and they’re the best chance society has against the novel technology threat types barreling full speed ahead, according to Haiyan Song (pictured), senior vice president of security markets at Splunk Inc.

Splunk is investing heavily in new security automation technology in step with the growing trend. By the year 2020, “We envision that 90 percent of the tier-one work that an SOC analyst would be doing will be automated,” Song said.

Splunk also envisions that by that time, there will be a single place for seeing what is happening and orchestrating a response; people will no longer have to go to 20 different places to figure out what’s going on. Splunk wants to be the vendor with the full stack of technologies to make this possible, according to Song. Its acquisition earlier this year of Phantom Cyber Inc., a leader in security orchestration, automation and response, is a big step in the right direction.

Song spoke with Dave Vellante (@dvellante) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf18 event in Lake Buena Vista, Florida. They discussed the future of security automation and how Splunk is fleshing out its security stack. (* Disclosure below.)

Stacking the odds in CSO’s favor

Automatically generated recommendations could cut a lot of time and confusion out of remediation. Splunk’s Data Fabric Search can provide a better signal-to-noise ratio with intelligent insights, according to Song.

“If we have responded to those types of incidents before, we actually would like to give you a recommendation — well, this is what happened before, this is what worked, and why don’t you think about this playbook, and automate this part?”

Customers like New York-Presbyterian Hospital began using Splunk for security but have found the platform comprehensive enough to help them track pharmaceuticals in the fight against the opiate epidemic, Song explained.

“There’s the data layer; there’s the analytics layer; there’s the operation layer. We want to be that company who can bring the full stack, make them work really well, but in the meantime, work well with other data, with other analytics, detection engines, and other ways to operate,” Song concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Splunk .conf18 event. (* Disclosure: TheCUBE is a paid media partner for Splunk .conf18. Neither Splunk Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE
