 Live from Las Vegas, it's theCUBE. Covering Splunk.conf 19, brought to you by Splunk. Okay, welcome back, everyone. So theCUBE's live coverage are our day three of our three days of coverage of .conf from Splunk. This is their 10th anniversary and theCUBE has been there along the way, riding the data wave with them, covering all the action. Our next guest is Jill Terriastro, who's a product stretch of the anomaly who also has a sister in cyber. So she's got the cyber sisters going on. Jill, great to have you on. Looking forward to hearing about your story. Great, thanks, I'm glad to be here. I've been in the security industry for about seven years now. I started when I was 19 and my sister had started before me. She's a few years older than me and she started out doing defense contracting on the cyber side and she just kind of ended up in the internship looking for a summer job and she fell in love. And as I got to kind of learn about what she was doing and how it all worked together, I started to pursue it at Georgia Tech. And I joined our on-campus hackers club, Gray Hat. I was the first female executive, that was fun. I ended up getting an internship from there with ConocoPhillips and Bishop Fox and moved on to the vendor side eventually with a brief stop in security operations. And so you have a computer science degree from Georgia Tech, is that right? I do and I'm actually pursuing my masters in their online masters in cyber security program right now as well. Awesome. Georgia Tech, great school. One of the best computer science programs been following it for years. Amazing graduates come out of there. Yeah, we've got some pretty impressive graduates for sure. So you just jump right into cyber, okay? Male dominated field. More women are coming in more than ever now because there's a big surface area in security. What attracted you to cyber? So I love that it's evolving and it allows you to think about problems in different ways, right? It's a new problem. There's new issues to solve. And I'd been exposed to technology from a young age. I went to an all girls high school which had a really strong focus on STEM. So I took my first computer science class at 15 and it was in an environment of all women that were incredibly supportive. I actually started a scholarship at our high school to get more women to look at technology longer term as career options. And I go back and speak and teach them that technology is more than coding. There's product management. There's customer success. There's sales engineering. There's marketing. There's so much more in the space than just coding. So I've really tried to help the younger generation see that and explore other options. You know, that's a great point. And you know, when I was in the computer science back in the 80s, it was coding. And I got lucky with systems also. A lot of operating systems and Linux revolution was just coming on the scene. But it's more than that. There's data, data analytics. There's a whole creative side of it. There's a nerdy math side. There's a cognitive- The user experience. A huge area. Workflows and processes is something that is so needed in the security industry, right? It's how you do everything. It's how you retain knowledge. It's how you train your new staff. And even just building processes is something that can be tedious, but it can be so powerful. And if that's something you're used to doing, it can be a great skill to build. Well, we were here, it's our third day at the dot-com, our seventh year here. What's your take of Splunk? Because you're coming in, guns blaring in the industry. Yeah. You got your cyber sister. She's at AWS. You see Splunk now. They got a lot of capabilities. Yeah. What's the security conversations like? What are people talking about? What's the top story in your mind here at dot-com for security in Splunk? Yeah, so I'm actually a Splunk certified architect as well. Splunk was one of the first security tools that I really got to play with, so it's near and dear to my heart. And I get to work with, I'm able to read Anomaly, which is a threat intelligence company. And I get to work with our own, our Splunk integration. So what we do is we enable you to bring your intelligence into Splunk to search against all of the logs that you're bringing there to help you find the known bad in your environment. And so that's if you're a Splunk enterprise customer, Splunk Core, but if you're an enterprise security customer, they have the threat intel component of their product, which we integrate with seamlessly. So the component's really easy to work with and we help you manage your intelligence a little bit more effectively so you can significantly reduce your false positive rate while working within the framework you're comfortable in. And one of the- What's the problem statement you guys solve? Is there one specific thing? Yes, there's quite a few issues, right? I would say the biggest thing that we solve is enabling our customers to operationalize their intelligence. There's so much information out there about the known bad and CISOs and CEOs are sending emails every day. Are we impacted? Are we safe? And we enable you to answer those questions very easily and very effectively. One of the other big trends we see is there's an issue in knowledge gaps, right? The industry is evolving so quickly, there's so much to know, data on everything, right? So we have another way that we can work with Splunk that is in a direct integration and it's our product called Anomaly Lens. And what it does is it uses natural language processing to interpret the page that you're on and bring the threat intelligence to you. So if you're looking at a Splunk search page, investigating an incident on brute force and you have a seemingly random list of IPs in front of you and you need to know what does everyone else know about these to make your job easier, you can scan it with Lens and it'll bring the information right there to you. You don't have to go anywhere else. You can stay in the Splunk UI that you love. What's some exciting things you're working on now that you think people should know about that if maybe covered in the press or in the media or in general? What are some exciting areas that are happening? Yeah, so Lens is pretty exciting for us. We just launched that last month. We're doing a lot. So we also have a product called Anomaly Match which is purpose built for threat intel because often what we see is when a breach happens the indicators that you need to know if they're in your environment, they don't come to light until six months to a year later. And then being able to go backwards in time to answer that question of where you impacted can be very difficult and very expensive, right? Anomaly Match is purpose built to answer those questions. So as the indicators become available, you know immediately was I impacted on the order of seconds. So it just enables you to answer your CEOs a little faster, right? And get better visibility into your environment. So when you look at data to everything, how do you see it evolving? As more volume comes in, there's more threat surface area out there. Right, and getting used to increasing space. How should people be thinking about it? As they zoom out, I think architecturally, I got to lay out my enterprise strategy. I bought a few tools that try to be platforms, but I need a broader playbook. I need something bigger to help me. You've got to take a step back and get a little altitude, right? Yeah, take a little step back, yeah. Yeah, so threat intelligence should really be driving your whole security practice. We already know for the most part who's attacking who and what they're trying to do. And so threat intelligence shouldn't just be an integration into Splunk, although that is a critical component of it. It should be informing your security practices, where you stand up offices. There may be locations that are higher risk for you as a particular type of entity. And all this information is available, but you have to just get access to it. You need one place to stop where you can Google the threat intel. And that's what Anomaly Threat Stream, our flagship product aims to do. And Lens just makes it more accessible than ever. Rather than having to go look it up yourself, it brings it to you. And so we're trying to augment the knowledge base without having to memorize everything. That's what we need to do, is we need to find ways to bring this information and make it more accessible so you don't have to look in three tools to find it. So I got to ask you to change topics as the younger generation comes into the industry. One of the things that I'm seeing as a trend is more developers are coming in. It's not just so much dev ops, because cloud's great, we love dev ops, but ops, network ops and security ops are also a big part of it. People are building applications now. So like, you're seeing startups, there's been tech for good startups coming out, where you're seeing great examples of people literally standing up applications with data. What's the young generation, because there's a hacker culture out there that can move fast, solve a problem, but they don't have to provision a lot of stuff. That's what cloud computing does. But now, splunks of the world, data is becoming more accessible. Data is the raw materials to get that asset or that value. What are developers, how do you see the developers programming with data? So they're looking at their jobs and saying, what am I bored doing that I have to do over and over every day? And how can I automate it? So there's a lot of sore technology, Splunk also has phantom, and that's enabling our developers, our younger generation, who grew up around Python and coding to quickly plug a few pieces together and automate half their jobs, which gives them the time to do the really interesting stuff. The stuff that requires human intervention and interpretation and analysis that can't be coded. And it's just giving us more time and more resources. What kind of things are they doing with that extra time? Creative things, pet projects or critical problems? Oh God, so many pet projects. God, what are you interested in? I've seen things being done to like mine Bitcoin on the side, right? To make a little extra cash, that's always fun. I've seen people automate their social media profiles. I've seen threat researchers use scripting to help them find new information on the internet and reshare it to build their public brand. That's a really big component of the younger generation that I don't think was as big in previous generations where your public brand matters more than ever. And so we're bringing that into everything we do. It's not just a job, it's a lifestyle. Sharing's a big ethos too, sharing data. How important is sharing data in the security culture? Oh, it's critical. So, I mean, sharing data's been happening for forever, right? Company A has always been calling up their friend company B, hey, we see this thing, you might want to take a look, but you didn't hear it from me, right? But threat intel platforms, not just that stream, but all of them allow you to share information at a larger scale than ever before. But it also gives you the ability to remain anonymous. Everyone's really scared to put into writing, hey, we saw this at our company because there's the risk of attribution, there's legal requirements, right? But with automated sharing, you can retain a little bit of, you can be a little bit anonymous so you can help the others be protected without exposing yourself to additional risk. Jill, you're awesome to have on theCUBE, love to get the perspective of the young, up and coming. Thank you. Computer science, cyber, cyber sister? Cyber sister. You guys just, where does she work, Amazon? She's over at AWS now. She just moved over a couple of weeks ago. We actually used to work together at Anomaly. She did pre-sales and I did post-sales. It was a lot of fun. And she hooked you into security, didn't she? Oh, she did, for better or worse, although I hope she's not watching. She will, she'll get a clip of this, I'll make sure. Jill, final question, thesplunkthisyear.com. What's your takeaway? What are you going to take back to the office with you or share with your friends as they say, hey, what was the big story happening at Splunk this year? What's going on here this year? The big thing is the data. The data is more accessible than ever before, so we're being challenged by Splunk to find new ways to use it, to innovate new ways. And I think that's kind of been, they're messaging the whole time. Hey, we're giving you the power to do what you want. What are you going to do with it? This is my third Splunk conference in a row, and every year it just gets more and more exciting. I can't wait to see what next year holds. They allow people to deal with data, messy data to good data. Clean it up, make it easy to search across multiple data sources from one command line. Their user experience is the most intuitive I've used in terms of the log management solutions. Jill, great to have you, great insights. Thanks for sharing the data here on theCUBE. Sharing data on theCUBE, as we do. We bring the data out of the guests, we try to create it for you, of course. We're data-driven, we're cube-driven. I'm John Furrier, here from dot-com, the 10th anniversary we've been here from the beginning. Riding the data tsunami waves, waves plural, because there's more waves coming. I'm John Furrier, thanks for watching.