 Live from the MGM Grand Hotel in Las Vegas. Extracting the signal from the noise. It's theCUBE covering Splunk.com 2015. Brought to you by Splunk. Now, here are your hosts, John Furrier and George Gilbert. Okay, welcome back everyone. We are live here in Las Vegas for Silicon Angles theCUBE's coverage of Splunk Conference 2015, hashtag SplunkConf. I'm John Furrier, the founder of Silicon Angles. Joining my co-host, George Gilbert. We keep on big data analysts. Our next guest, Mike Denning, who's the VP of Global Security at Verizon, Verizon Enterprise. Welcome to theCUBE. Thanks for joining us. Thanks for having me. So, security's huge. We have been talking about it for many years. Verizon Enterprise providing a lot of solutions to businesses. Obviously, this is not the Fios or the consumer or the wireless, really the enterprise, which you guys have done a lot of work over the past six years or so or more. Mainly past five. Cloud is big. Public cloud, private cloud, hybrid cloud, creating secure environment, multi-tenant cloud, and then having an application service model for customers. So what's the update on what you guys are doing and how does this fit into Splunk? Sir, so we're looking at the market overall. We are one of the leading manage security providers today. So as you look across the enterprise, they're looking for managing a very complex environment that involves a lot of data, involves a very rapidly evolving threat, both external and internal threats. And as a result, we were looking for technology components that could really bring all of that data together. We see a lot of data moving across the wire in real time. And you really need to capture all that data. You need to aggregate that data, analyze it in real time, and then take some very quick actions in order to remediate it. And that's kind of what led us to the Splunk technology. So we heard from Ores Town Bank, really small community bank. A lot of businesses operate like this, whether you're banking, whatever vertical, they want the benefits of scale without having to build it all out because the threats and just the costs to just chasing after, you plug one gap, the next bad guy comes in. So security is a moving train and it's a constant struggle. So if you're a small, medium-sized business too, even a large enterprise. Yeah, it's hard. I think it's very hard to attract and retain the talent in the security market in particular. So one of the benefits of a managed services provider is that we can scale. I mean, already we're defending large swaths of the backbone of the internet, large scales of the wireless network. And so we already have acquired the talent and the people required to manage and monitor, disperse very secure networks today. And so for a business like that, they would really want to focus on their core business and oftentimes they'll come to us and say, can you do something where you're monitoring us in real time analyzing the threat landscape? Because that's the real challenge of security today. It's a constant evolving threat landscape. New ways to penetrate the network, users and insider threats are constantly evolving and changing and that's where you have to have strong analytics to combat it. So October 6th for the 9th, we'll be at Amazon re-invent and we hear this all the time. I mean, Amazon has crossed the chasm of being securely legit and they've proven that through the CIA win that they had, that a public cloud player can get the scale and expertise to understand some of those security challenges and then go out and offer a secure environment. Not necessarily being the solution for security across the board, but providing a bullet proof to a degree, SLA based security. How have you guys crossed over in that regard with your customers? Can you share some insight into some of the things you've deployed, best practices, use cases? Yeah, I think one of the specifics are that we don't really care where the environment is, right? So when we are helping, whether it's an on-premise environment, whether it's a remote office, whether it's in the core data centers, where we're looking at events and log information, it's really independent of location. It can be in Amazon, it can be in your own data center or some other, one of Verizon's data centers. So what we're really looking to do is put it that inline security. A lot of things that we're doing today are in partnership with the latest hardware and technology providers, whether it's Palo Alto or Cisco or Fortinet, some of these endpoint devices that are the true gateways, we're launching offerings that are bundling network connectivity with security and then Splunk helps us monitor all those devices and then look for anomalous activity. So as you look at your organization and your customer base, what is the role of machine learning in your job and in the future? How we apply machine learning in particular is that we are looking for use cases. So what we're finding to be the most effective way to spot bad behavior from a security perspective is to build patterns of use cases and that machine learning can be very helpful at articulating and describing what bad activity looks like, whether it's user activity or machine activity to say, hey, this is anomalous. This happened at the wrong time from a wrong geolocation from a server that doesn't usually communicate across the network in this way. So that machine learning is really critical. When you're doing that machine learning, so Splunk has started, has bought some technology to roll into the product. And they make it very clear that machine learning, what they have is applied to security. It's not like we can take some smarts and apply it elsewhere. Are you taking their stuff, training it on your data? Or are you taking new things as well that go beyond what Splunk provides? It's definitely a combination of things. We definitely use and consume what comes kind of out of the box with Splunk. What I think the thing that they're really helping with us is there's a trend in security called continuous monitoring. And it really started in the US public sector, but it's really permeating the compliance requirements across the industry. And Splunk is a very effective tool for not kind of point in time or set up a rule and try to block the activity, but actually that learning and continuously monitoring machines or users that are acting out a pattern. So this would be where the model itself is learning all the time on this, on the data that's streaming in. Right, and so for example, if we see a bad URL or a bad host or server, they usually have a lifespan of about 24 to 48 hours. They're very much a moving target. And so what we're able to do is take that learning, apply it into the Splunk engine, and then the Splunk can help us find that bad activity, whether for a multitude of customers. So this is where kind of scale at applying intelligence in real time creates a really big benefit. Just to be clear, because this is really important. You know, we have this framework systems of intelligence where sort of built on speed, automated decisions, and there's really two pipelines. One is the one where you're learning to figure out what, how do I want to make a decision in an automated way? And the other is applying it. And sometimes the two are the same. And it sounded to me when you just described it that you're taking, you do have two separate pipelines, even though the one that's learning is doing it on continuously streaming data, you then deploy it into Splunk, is that right? That's right. Well, we have deployed into Splunk, but we deploy it across multiple customers. So if you think about the latest breach or the latest attack is very beneficial, you'll see an attack and we see it move across verticals. You know, if you see an attack against one bank, you'll see it against multiple banks. And they do it in very short order, because they realize that a lot of the threat vendors and the hardware vendors are updating their signatures. This is the type of thing where speed really does matter and the ability to kind of apply those learnings very quickly to the rest of the vertical or rest of the industry is a big benefit. What are the key learnings that you could share at the audience around what's happened in the market over the past 18 months and kind of what's the next kind of trajectory because a lot of change has been, and certainly security's been a tailwind for opportunities and challenges as well. What are the key learnings that you could take away and share? I think for us, the shift kind of happened about 18 months ago, maybe 12 months ago, where we said, look, we really want to move out of a compliance-driven approach to security to one that's really a risk-based approach. And as you start to understand risk and the risk landscape, really analytics plays a critical role in that. So our roadmap plans really shift away from just pure device management and monitoring for the sake of becoming compliant, maybe with a security standard, to much more of a risk-based approach that says, look, these are the things that we think you need to do in order to reduce your risk. As most security professionals know, compliance does not equal risk and that's a key element for what I'm seeing in the market really shift very quickly. This is important too for our understanding. So compliance, as we understand it, is like black or white. You're in compliance or not. Risk is, how much are you willing to pay for a certain level of risk? It's a spectrum. Is that the right way to look at it? Yeah, I think that's right. And I think the other way to think about it too is risk involves elements of criticality of that data that you're trying to protect, right? So you have to understand where your critical assets are. You have to understand the landscape with which your environment. You also have to understand the types of adversaries you're potentially facing and the type of organizations or entities that could benefit from that data. So the risk is your, in context, I think is really important of what's critical to you, what you really need to protect, how much you need to invest to protect it. So what's the challenges for Verizon going forward? We see you guys doing some good stuff out there. Again, Dave Vellante is not here, commented. Even two years ago, the service provider market, certainly cloud service providers, kind of got a, kind of were kind of getting built out in real time. Amazon was doing well. And of course it's a little bit different, right? So the Amazon's public cloud, kicking ass, taking names, we see that happening. And of course it's a different ball game, right? So the joke on the Cube is it's a, you know, what inning are we in? Well, it's a double header. Game one was swept by 10 nothing by Amazon. Game two is enterprise, completely different ball game. Yeah, I think where we're thinking about the market at Verizon Enterprise is the combination of kind of infrastructure services that includes the network. So it's in context of what's the most secure way to move the data around the network? There's the element of the infrastructure itself. Where is the data residing? And then the security element. So the combination of our strategy really includes network infrastructure and security in working in concerts. So the way we think about it really is in data loads and where are production workloads resident? And how do you make them secure? How do you move them most efficiently? And there's a variety of things that you can do depending on the quality of the applications and how much, you know, how fast you have to move that data. If you string together different solutions based on the application that you're trying to support. Just a quick follow up on that. When you talk about sort of the network and its security, where the data resides, the overall, I guess, security posture or policy, these are three not independent knobs. They're like, you can turn this one a little and that one a little, and that's the risk based approach. That's right. It's not black or white. That's right. That's where you look at the network, the infrastructure and the security in tandem. And so you might have an application where data residency is very important and security, and you dial those knobs up. Maybe latency is a critical component and that's the kind of thing where you really dial up the network, go to more of a private type of network and really pull it out of the public domain. So those are all kind of dials, you know, public, private, high security, high level of control versus lower levels of control. Just final question. I'm going to get tight on time here, but just kind of, since we got you here, network function, virtualization, role of virtualization in general, any new technologies that you see out on the horizon that are going to be compelling for you guys? Yeah, I think the software defined network or software defined perimeter is definitely gaining a lot of steam from a Verizon perspective. And we're doing it both from a network perspective, but in concert with security. So I think the software defined networking is something that we see gaining a lot of speed. Now that's definitely a Verizon centric perspective. But the other thing is we see that with our investment in security, we have a competitive advantage there. Final, final question, which means it's a good interview when I got two final questions. DevOps, what does that mean to you? DevOps for Verizon, I see agile programming is the new normal. The thing for us, we've been a lot of benefit from kind of co-locating the operators with the folks that are building the tools. We have really taken approach to take best of greed, software and hardware. That's kind of what led us to slump in the first place. So we really focus on the, when you say operator for us, we are a managed service provider, so we are an extension of the ops of the enterprises that we serve. Our developers are often co-located with the folks in our security operation center globally. You're the ops in debt, you enable them to do development on your ops. Absolutely right. And we take the best of greed software and make it work and run better because we're applying our real time threat intelligence and our network visibility into those analytics engines. Mike, thanks so much for sharing your insight and data. I'll give you the final word, quickly summarize what's the show about here at Splunk? What's the vibe? What's the real walkway? For the folks that aren't here on the ground feeling it and seeing it, what's happening? There's definitely a very positive vibe inside the audience. There's a great energy. I think from a security perspective, looking at the investments that Splunk is making, both organic and unorganic are really showing their series about supporting the security market and supporting managed security providers like ourselves as we really advance it into the marketplace. Mike Denning, VP of Global Security at Verizon Enterprise at theCUBE. Splunk is serious about security. Well, obviously that's the theme here. And we're going to hear about the cloud as well and a bunch of the ecosystem activity. This is theCUBE covering the live event of dot-conference 2015 here in Las Vegas live at the MGM. We'll be back with more through the short break.