The document discusses Square Enix's journey with security analytics and implementing Elastic. It describes starting with a need for increased visibility and analytics beyond just SIEM. Square Enix chose a hybrid approach, beginning with vendor-specific formats and dashboards and migrating to the Elastic Common Schema (ECS) and SIEM. The solution was designed to address all business needs, scale dynamically, and onboard custom log formats while realizing efficiencies with standard tools. Demonstrating value included correlating across corporate and online systems and using additional telemetry for benefits beyond traditional cybersecurity. The presentation wraps up by noting it is not a race to start perfectly and to consider standard versus custom log sources and the engineering overhead of customization.
4. Setting the scene
• Cyber security professional of some 14 years’ experience
• Led 4 SIEM projects at multiple workplaces
• Japanese video game developer and publisher
• Responsible for technical security and security engineering across all territories outside of Japan
6. Starting our journey
• Forging a path to increased visibility and maturity
• Selecting insource vs. outsource
• Needing analytics, ‘not just’ SIEM
• It really is a journey – crawl, then walk, then run
• It doesn’t happen overnight – start simple, then iterate
8. Embracing Enterprise
• Solution architecture must address all business needs, corporate and online
• Reduce cost
• Scale dynamically
• Embrace innovation - onboard bespoke / non-standard log formats ourselves, quickly
• But continue to realise ‘out-of-the-box’ efficiencies with standard tools / formats
12. Demonstrating value
• The hybrid approach – starting with vendor-specific log formats / bespoke dashboards, then migrating to ECS / SIEM
• Gamer demand changes over time, must absorb peaks and troughs
• Correlating across both corporate and online
• Additional telemetry brings advantages outside of traditional Cyber, e.g. anti-cheat
14. Wrapping up
• It’s not a race, starting clunky is okay
• Consider the nature of your log sources, standard vs. bespoke
• There is engineering overhead, but it can be worth it
• More opportunities to exploit your data, keep it open
• Cast a wide net, benefit from economies of scale
• Realise ‘multi-lens’ benefits