Some might say that Splunk is undergoing an identity crisis.
The company is widely regarded as a security company, particularly among federal customers. And there's a strong case to be made for that, when you consider that one customer in the Pentagon managed to fence off a Trojan horse before it infiltrated systems, thanks to a discovery of the malware — the same malware that took down the network of the rest of the office for a couple weeks
.But it certainly is a formidable big data player too. You might narrow that definition to data analytics even, particularly when you consider Splunk's software was rolled into Lockheed Martin's autonomic logistics information system, or ALIS, which is used to monitor readiness of its F-35 fighter jet fleet.
Does it matter? Not so much. CEO Godfrey Sullivan sees it as a progression. He spoke to Federal Times Editor Jill Aitoro on Oct. 22 at the company's GovSummit event in Washington, D.C., which drew about 1,000 people.
So tell me, is Splunk a security company or a big data company?
In public sector, the first vector — the primary use case — tends to be security. Everything else come later. And [federal customers] don't differentiate security from big data. Security happens to be a big data problem. They're not focused on big data, they're focused on security and the data they're trying to derive from it. Data is the underlying element that helps deliver the outcome of a more secure environment.
In commercial, we see a wider swath of use cases related to customer, business analytics. The federal market is a little behind in terms of using machine data to improve the customer experience, whereas for a profit driven enterprise, that would be top of mind.
I know you support Lockheed Martin with its F-35 work. Are systems integrators the preferable route to federal work?
Agencies are often using it before we get there. Once we arrive and help them in a formal way, the partnerships become important. We announced one with Booz Allen [Hamilton]; they've been super useful in terms of helping with the human change management that agencies are going through, helping to deal with this advanced threat environment. It's a combination of technology and partnership to deliver customer success.
Looking at high profile breaches lately – OPM of course, but even some of the big retailers – what can be learned?
If we've learned anything about advanced threats it's that they're changing every day. You can't hope that it won't happen. What you have to have is a fast response when it does. I think that's part of preparedness — know you have the right tools. Tech is a part of it, as well as internal processes to know you are able to move quickly when conditions change.