 Live from the Walt Disney World Swan and Dolphin Resort in Orlando, Florida, it's theCUBE. Covering Splunk.com 2016, brought to you by Splunk. Now, here are your hosts, John Furrier and John Wall. And welcome back here on theCUBE, the flagship broadcast of SiliconANGLE TV as we like to do as John Furrier so to extract the signal from the noise that a lot of noise here on the show floor at dot-com 2016, that's a good sign. Along with John, I'm John Walls. We're joined by two gentlemen from Defense Point Security, a big cyber security provider. Mike Flority, who is the vice president of security engineering, Mike, glad to have you with us. And Dwayne Watto is a security engineer at Defense Point. Dwayne, good to see you, sir. First off, the Fez, somebody at home might say, why, you know, why is he wearing the Fez? That really is, I'll let you tell more about it, but part of the Splunk Trust MVP program, you have earned that by acclimation of a pretty big user group with whom you work. So tell me a little bit more about that. Yeah, so the Splunk Trust, it's Splunk's community kind of ambassador thing. So the folks who are doing user groups or Splunk answers or participating in the chat stuff we do on Slack or maybe they publish a lot of code. Folks who are helpful in the community, Splunk gives the trust membership out every year to a select group of those to kind of let them represent the best of the community and what we're trying to do in terms of helping people. Well, congratulations. Thank you. On the honor, and Mike, I'm sure you're glad to have a guy like that on your piece, right? It's well worth it, man. This guy is one of our hardest workers, so definitely. I said about the community, we were talking about last night on our wrap up in this morning with the security announcements that Splunk is kind of, has a nice trajectory and it's kind of a trajectory you wouldn't have thought Splunk would be at if a few years ago when they started, but the growth in the aspect of security has made Splunk a perfect enabler to come at this new dynamic of security. And they talked about it last year, so it's not new to the strategy, but what is new is the role of the community's playing and what's interesting and what we're observing and reporting is that Splunk not only has a product for security, but the communities are coming together organically across company, okay? Oh, absolutely. Can you guys add some color to that? Because this is a brand new industry dynamic that actually is changing the game on how people are configuring their assets and the data assets in particular. Yeah, so I guess I'll take that one. So, I mean, in general, the idea is, and you know, our company in general is a security company, right? And that's what we do and that's what we excel at. But the idea is that if you have a tool that can go do a business context and a business use case, that business use case is what you can drive security through. So we wholeheartedly believe in the Splunk as a tool for everyone and the ability to aggregate all of this data and make intelligent decisions off of that. That's the reason why we are so invested in the tool set itself as well as have put a lot of time and a lot of people like Dwayne who are going out there and kind of being these large-scale ambassadors. So to your point or to your question, the reason that you're seeing that trend is because security tools can't just be security tools anymore. There's no time for just a SIM. There has to be a SIM and a way to go build business intelligence out of things. And you guys are in the middle of all the action. Can you take a minute and just explain what you guys do and then how you guys are interacting with Splunk? Yeah, absolutely. So we are DefensePoint Security. We're a security services company based out of Alexandria, Virginia. We're about 200 individuals. Security capital of the world. Yeah, security has security capital of the world. Yeah, yeah, yeah. So we actually have both, you know, federal and commercial side contracts. We do a lot of different things with Splunk. Specifically, we have large-scale DHS contracts in a couple other places where we build these things out and actually build this operational intelligence kind of like what I'm talking about. Overall, our focus is, again, wholly- But you're directly with the customer. Your customer is the Splunk's end customer. Yeah, correct, correct. So we are only a services company. All we do is services. We've been around for about six years. Like I said, we're 200 people, right? So we're growing very rapidly in what we're doing. But again, it's only on security services side and that allows us to kind of be like a trusted advisor to the government. So therefore we can make these decisions and help the government with these technology decisions in a way that's unbiased. We're not reselling a product so therefore we can make the best decision for the government. You must have a great pipeline with customers, obviously, but the federal side, no, end commercials. Perfect storm, massive growth. I'm sure you guys have got a lot of hiring needs. Watching, great opportunities. We're at 1.4 million jobs open right now in cyber. It's incredible. A lot of machine learning, a lot of cool tech stuff. How are you guys deploying Splunk? And how does it, I mean, you can't really reveal some of the secrets, but what are some of the use cases where Splunk's winning for you guys? And how does that impact the customer and how are they operationalizing it, if you will? Yeah. Well, some of our, we've got customers who do Splunk in the very large where, you know, multi terabyte today and it's kind of driving their whole security operations. And then we have some who are, frankly, they're very small and trying to come up with being able to do those same techniques without necessarily having the ability to deploy a whole team of people to do Splunk. You know, and it can be a challenge just because, you know, any tool you invest in, you've got to have a certain amount of people to also support that tool. And even though there's several thousand customers here this week, it's really hard to find good Splunk people right now. And I know for us, we're looking for people all the time. We've got customers that are looking for people all the time and it's difficult. So what are the traffic flows on security? Obviously, you know, that's a big issue. How do you guys look at that? How does, how do you guys talk to customers around how to manage the attack vectors? Is it a flow game? I mean, so attack vectors is an interesting thing, right? It's, again, it's your contextualizing to the landscape of a specific entity, whether it be federal, commercial or whatever it is. So, you know, from a flow perspective, you have to take into account a couple different things. Number one is the business value. I mean, we're always going to harp on that because we understand that that's, you know, how we're funded. That's how we have our jobs is the business relevance is because security in and of itself is something that costs money. It's not a money maker. However, it is something that prevents the money since they're high. Exactly, right? Problems important. Yeah, and we've seen things in recent memory, right? Where you have Target, you have all these large reaches to OPM, all these different things that have occurred. And the idea is to build a tool set that, again, has business relevance and that we can actually take and go make into something that has, you know, security expertise individuals to go get that in there. So, yeah. Yeah, we've heard a lot about disruptive thinking and new approaches to security. You guys haven't been around long enough to have an old way of doing things, right? You know, in the six years. But in terms of that, generally speaking, when you talk about the community, when you talk about what's going on, future trends and all that. Does that paradigm shift work for you? Does that make sense that it's about, you know, looking at the problem maybe through a different prism because the old way of doing things is this is not cutting it right now. Yeah, absolutely. So, I think that the big thing, and you can correct me if I'm wrong too, I think that the big thing here is that you will always see paradigm shifts because of the fact that that's how technology works. Technology is innately a thing where every five years you need to rethink on how you're doing things. Big data analytics may or may not be the end of that paradigm, right? The idea of being able to take data, again, data's the king. If you have data, then you have the ability to make rational decisions and objective decisions as opposed to subjective side. That data and being able to basically munch that into things that are necessary for different operational units is really where, you know, the industry's going. As opposed to pure SIM or everything else that used to be there, it's not that way anymore. It's the ability to take a lot of data and build, you know, we have a phrase that we've coined, it's called high confidence content. We build high confidence content for our individuals based upon the amount of data that we can get in. And to your original point last time, that's how we actually do things. The flow of data, the ability to make decisions, the decision making tree is all based upon the data that we have and from a big data analytic perspective, making a security use case out of that, so. The data's critical obviously, you need the data. And you have so much data and I'm really excited about the machine learning stuff. You know, I know that Splunk's put a huge investment in machine learning and I'm really excited to see the features in 6.5 that enable that more and see how that works out from a security use case just because there's, you sit as an analyst and you look at this, even though you have a great big data tool, you're still inundated with things to go look at, research, review. We need something to help make that better and it seems like machine learning is right now our very best bet at that. We had Rahman who was the startup that they invested in, they made that announcement on Monday. We were having a great chat and one of the things we talked about was, and he mentioned, and this was back to the machine learning, things that's exciting is the unsupervised nature of these IT operations wants the threats in. They have their way, right? So, you know, it's a cat and mouse game and so like John said about this new way is, you got to beat the cat and mouse game with a better cat and mouse game so one of the things that Splunk has is data. So this integration of data and syncing data becomes a huge challenge for customers. So machine learning is a nice new tool. The unsupervised ones, I'm not sure I haven't looked at the kit yet but if they have that unsupervised machine learning. And at the core of that too, right? Is the people that are doing that, right? It's the people that are building that intelligence behind it. So not only is the tool set awesome but you have the individuals who are making that smart decision behind it. Yeah, and there's no panacea. So I mean, you're at a great point. I want to get your thoughts on this so you guys can share your some insight. There's no machines can't do it all by themselves. You got to have a human machine relationship. And this is where training the machines if you will kind of an AI fantasy way becomes the future path and the machine learning is a step there. What is the role of the configuration of the human involved? Because the IT ops guys want to automate everything. They want to use scale as their friend, right? So that's cool. How do you guys advise clients? How do you guys deploy? How does IT ops leverage the IT personnel to maximize their execution? Well, to me, when we talk about good security, good security is really doing the little things right. If you talk about automated things. Yeah, little things. If you don't have your patching stuff down right then you should focus on that. That's core to being able to keep things secure. You've got to know what's on your network. You know, all the things that the Controls tell you, they're very fundamental, but you have to be able to execute on those fundamentals. And the problems that customers have is they don't have enough bodies to run the tools to keep all of those fundamentals executed with basically 100% actors. Are there too many tools out there? I mean, are people being inundated? I've kind of, we hear that as like, damn, another tool. Another training class or another tool that promises, I mean, it's a tsunami of platforms and tools. I think that, yes and no. Too many tools means that people are trying to innovate. Innovation is good. The problem is is that when everyone is selling and everyone is trying to make their profit and that's what the job is, that's where you start running into that there's too many tools conversation. Oh, well, this is the next best thing because of this and here's the amount of money. It really comes down to, it really is a 80% role for me, right? It's, I want to have, if I've done 80% of the security for my organization, that means that I'm running, I'm doing stuff and I'm more than zero. That's kind of a phrase that a good friend of mine, our VP of R&D, Jason Ashbaugh of Coin, it's more than zero security. A lot of times we always look at, we need to be perfect in everything. It's not realistic. It's not how things work. It's not how businesses work. We try to do the best that we can based upon that and basically the tool inundation there, yes, there's a lot of them. And yes, some will come and go, but that is how we innovate at the same time. So it's not too many tools, but it is a lot of tools and you need the people, again, going back to the people conversation to help make that decision and to have that unbiased decision for the political landscape. I love the fundamentals conversations. We like to use sports analogies. It's like a baseball team. You got to go out and have some practice, feel some ground balls, throw the first base, catch and throw. Fundamentals are really critical. So that's cool and that's kind of like how you evaluate your team and have reps. Hey, we're having a practice. Security practice, hackathon or whatever. No, this is going on. People are doing this, it's really cool. The question though is now what's next for you guys? So as you guys walk out of the dot-com this year, the business is moving, probably Mach 100 for you guys, I can imagine how fast it's moving. What's next? What do you guys take back to the ranch? What do you guys operationalize? What are the things that you're doing now that you're focused on? Yeah, so in general, so we have one of the largest, in my opinion, and based on what we've done. So we were Splunk part of the year 2015 and a bunch of other things as far as the company goes. And we're doing a huge investment in people for Splunk. And again, nothing about our business is going to change. Our business is people. Our business, that is our product. We will never be a product reseller. We are the people who go recommend the correct product for the right job. Splunk is most oftentimes that product. And to take it back, what we're doing is we're also building in the, again to the business context side, the ITSIs, the UBA, the user behavior analytics side. Those things that are kind of the next step of this. And then from Dwayne's side, I mean, you do all sorts of customizations, so. We've done, customers will have us do some really awesome, but sometimes crazy customizations. And it's really fun work, but it's very challenging to figure out, okay, how do I take this very malleable tool that is Splunk that is the, kind of the tool over all the tools and force it in a direction that, maybe the product team has not, they didn't think of exactly that use case. There's always a new use case. It blows me away about Splunk and what covering them for so many years is that, this is a zillion use cases. The creativity is interesting, right? And you bring up the point about personnel and fundamentals earlier. Also a mismatch in sports, having the wrong player in the wrong position. So deploying the right resource from the wrong problem is a lot of people make that mistake. Splunk can solve that problem because if you can. You wouldn't put a defensive tackle by receiver, right? I mean, like that. Unless you're the Patriots in the quarterback. That's true, yeah, yeah, yeah, yeah, yeah. Why receiver? Personnel utilization is really critical. You want the right people on the right problems, right? I mean, that's at the end of the day, one big thing, but if you automate with Splunk, and that's something that I'm really proud of the way that we do that stuff. I'm not originally a security person. I came into this from the IT ops world. I was a sysad man for a really long time, focused on the engineering and the servers and so forth. And it took these guys a long time to convince me that, no, that's really relevant to what we did. You must have natural talent to go, because that's all my security friends. He's the right player in the right position. And we've got other folks on our team who started out doing security for a living, and we work really well side by side together. My co-worker George and I, we've got a talk tomorrow where this is the third Conf in a row that we've spoken together. And we've put together some really good examples of how to use Splunk in occasionally obscure ways. And there's always a good- Cultural blending, right? I mean, you're bringing together two worlds, right, almost. And he is much better at the security side of things than I am. And I am much better at the operation side than he is, but we work really well together. And frankly, both of our customers benefit from that. Well, it's a good team. It's a working, obviously, defense point. You guys are making it happen. Yeah, yeah. Thanks for joining us and Dwayne again. Congratulations on the honor. Thank you. It's been such an important part of that community. I know that Splunk community can't exist without people like you collaborating and helping. So good job on that. Thank you. And that's one of the things that I really like about the community. We don't, you know, it's not, well, I work for Defense Point and these guys over here work for another company that does Splunk services. We help each other all the time. It's a new social network. Yeah. And it's not like we look at him and go, I can't help Dave because he works for them. We don't, you know, the community goes beyond that level of... It's not Red Sox Yankees, but it's... Yeah, yeah, yeah, yeah. Gentlemen, thank you again for joining us. You guys are really unique in this Splunk world. You bet. Thank you. Absolutely. Thank you much. Thank you, guys. You can attend us here at .com. 2016 is from Orlando.