In this BSA series – “Why AI?” – enterprise software leaders explain in their own words how artificial intelligence (AI) is having a positive impact on individuals, businesses, and organizations worldwide. In this submission, Splunk Chief Information Security Officer Jason Lee writes about integrating AI to unlock insights in security and observability domains.
1. Why AI?
Splunk recognizes Artificial Intelligence (AI) as a pivotal force in advancing digital resilience, and expediting decision-making in incident detection, investigation, and response. Despite potential issues around compliance and expanded attack surfaces, AI offers significant opportunities for security, IT operations, and engineering teams. AI fosters efficiency and productivity by automating data analysis, providing context, and enhancing learning curves. Splunk’s approach to AI revolves around three principles: domain and Splunk-specific, human-in-the-loop collaboration, and openness for customization. Since 2015, Splunk has integrated AI into its products, employing machine learning for core search capabilities, security, and observability use cases. Splunk envisions a robust integration of AI into SecOps, ITOps, and engineering workflows, aiming to enhance users’ ability to detect, investigate, and respond to incidents swiftly. The goal is to unlock insights in security and observability domains, empowering organizations to achieve greater digital resilience through advanced AI capabilities in Splunk products.
2. Can you give an example?
We are committed to helping our customers achieve digital resilience and remain dedicated to ensuring they are prepared for the constantly changing threat landscape. For example, a large cloud company is leveraging Splunk’s Machine Learning Toolkit to detect anomalies in extensive datasets that may have otherwise remained undetected with traditional signature-based methods. By incorporating robust machine learning models within Splunk, they eliminate the need for a separate infrastructure for advanced analytics, saving time and resources.
We’re also working closely with BMW Group which wanted to further increase individual vehicle quality by detecting more error patterns with the same testing resources and correcting issues during assembly. With Splunk, BMW Group integrates machine learning models and data for predictive testing that identifies potential quality issues by specific vehicle configurations to be addressed during assembly, operationalizes learning models and data flowing to Splunk, enabling predictive testing and visualization that improves cost, quality, and productivity, and much more. We can offer the flexibility and openness needed by researchers and developers to put ideas into practice.
3. Where can we learn more?
To learn more about Splunk’s innovative approach to AI, you can visit our website and blog on catalyzing digital resilience in cybersecurity and observability with Splunk AI. Also, check out some of the coverage we’ve received in publications like VentureBeat and Infoworld highlighting what we’re doing!
About the author:
Jason Lee is Chief Information Security Officer at Splunk, where he oversees all facets of global security to protect Splunk employees and customers, including cloud and application security, operations, threat management, penetration testing, risk, and customer trust.
