Trending / September 30, 2016

Highlights from .conf2016: The 7th Annual Splunk Conference


The first couple of days of Splunk’s .conf2016 have not disappointed, with an impressive lineup of customer and partner presenters and attendees. Splunk’s customer, Equinix, shared the keynote stage, followed by talks from leading companies including Amazon, Accenture, and Palo Alto Networks, along with more engaging presentations and participation by 450+ security partners. The conference exemplified our #wefightsmart belief that no one company can do it all.

The conference message was clear: by leveraging each security company’s strengths and building on the expertise of all, we can realize the maximum potential of available technology and build the strongest defenses against those threat actors trying to infiltrate our networks.

Key .conf2016 Takeaways

From my vantage point as a first-time conference attendee, I was drawn to a couple of standout points:

Strengthened AWS partnership:

Previously, Splunk made a commitment to public cloud, particularly with AWS. At .conf2016, Splunk CEO Doug Merritt announced a closer partnership and greater marketing push from both companies for their joint offering – including free licenses for prospects to try out the solution.

Splunk® Enterprise is an ideal cloud application. Scalable processing and storage are the natural partners for a tool that exists to ingest and analyze data. But Splunk is also very important to Amazon. Just as the new Gigamon AWS offering will remove visibility barriers that have made companies resistant to migrating vital workloads into the public cloud, the availability of Splunk’s software, too, will reduce objections to making the move. The access to analytics, IT Ops dashboards and, especially, security analysis will increase confidence that public cloud can be just as reliable and secure as private solutions.

Adaptive Response:

I was interested to hear of the increased adoption of the Adaptive Response Initiative. It’s Splunk’s program to enable collaborative architectures so their customers can extend analytics-driven decisions across a multi-vendor security technology stack.

With so many of our ecosystem partners’ tools feeding alerts into the Splunk platform and the power of Splunk’s security analytics and investigation capabilities, Adaptive Response seems custom-made for exercising the Gigamon REST APIs.

Imagine the value and power of automation in which Splunk Enterprise identifies suspicious behavior on a particular endpoint or network segment, and automatically configures GigaSECURE to send precisely the suspect traffic into Splunk Stream for further investigation. During the Splunk conference, I spoke to customers and partners who suggested similar use cases for this functionality.

Gigamon and Splunk Customers

Speaking of customers, it was highly gratifying to see so many Gigamon customers at the conference. We enjoyed talking about the myriad of ways our customers are using our visibility fabric – and suggesting new things for them to try. It was somewhat eye-opening that many organizations have not been feeding traffic information – as packets or metadata – into Splunk App for Stream (network packets), Splunk Enterprise Security or the Splunk App for IPFIX (for metadata). For more information, check out our recent blog entitled “Gigamon and Splunk: Using Metadata to Improve Security Visibility” and our Gigamon Visibility App for Splunk.

My colleague Jai Balasubramaniyan and I were interviewed by our friends at theCUBE. Here’s the story and video entitled, “Peeling the network onion | #splunkconf16,” examining how organizations are successfully leveraging network metadata to increase the efficiency of security tools.
