Splunk Adds Behavioral Analytics to Boost Its Security Stance
VIDEO: Muddu Sudhakar, Splunk's VP and GM of security, and Haiyan Song, the company's SVP of security markets, discuss the technology behind behavioral analytics.Data analytics provider Splunk is forging ahead with expanding its security capabilities, thanks in part to the July acquisition of behavioral analytics vendor Caspida for $190 million. In a video interview with eWEEK, Muddu Sudhakar, former CEO of Caspida, and Haiyan Song, senior vice president of security markets at Splunk, provide some insight into how the Caspida and Splunk technologies work together Song said that Splunk was looking for capabilities that make use of machine learning and data science to do more automated analysis. It found those capabilities in Caspida. "A lot of attacks happen based on compromised credentials," Song said. "So behavioral analytics based on users and based on entities is very important." In order to do behavioral analysis, there needs to be access to data, and that's an area where Splunk excels, said Sudhakar, who is now vice president and general manager of security at Splunk. Data sources collected by Splunk include ActiveDirectory, firewall, file system and end-point logs.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.