Die Rolle von KI in der digitalen Widerstandsfähigkeit - Splunk Public Sector Summit 2024 in Frankfurt Sprecher: Philipp Drieger (Global Principal Machine Learning Architect)

1. © 2024 SPLUNK INC.
Public Sector Summit 2024
Die Rolle von KI
in der digitalen
Widerstandsfähigkeit

2. © 2024 SPLUNK INC.
Philipp Drieger
Global Principal Machine Learning Architect
09+ years with Splunk
14+ years specialization in “AI”
21+ years experience in software
04 splunkbase apps with 36k+ downloads
04 patent contributions

3. Forward-
looking
statements
This presentation may contain forward-looking statements regarding future events, plans or the expected financial
performance of our company, including our expectations regarding our products, technology, strategy, customers,
markets, acquisitions and investments. These statements reflect management’s current expectations, estimates and
assumptions based on the information currently available to us. These forward-looking statements are not
guarantees of future performance and involve significant risks, uncertainties and other factors that may cause our
actual results, performance or achievements to be materially different from results, performance or achievements
expressed or implied by the forward-looking statements contained in this presentation.
For additional information about factors that could cause actual results to differ materially from those described in
the forward-looking statements made in this presentation, please refer to our periodic reports and other filings with
the SEC, including the risk factors identified in our most recent quarterly reports on Form 10-Q and annual reports on
Form 10-K, copies of which may be obtained by visiting the Splunk Investor Relations website at
www.investors.splunk.com or the SEC's website at www.sec.gov. The forward-looking statements made in this
presentation are made as of the time and date of this presentation. If reviewed after the initial presentation, even if
made available by us, on our website or otherwise, it may not contain current or accurate information. We disclaim
any obligation to update or revise any forward-looking statement based on new information, future events or
otherwise, except as required by applicable law.
In addition, any information about our roadmap outlines our general product direction and is subject to change at
any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other
commitment. We undertake no obligation either to develop the features or functionalities described, in beta or in
preview (used interchangeably), or to include any such feature or functionality in a future release.
Splunk, Splunk> and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United
States and other countries. All other brand names, product names or trademarks belong to their respective owners.
© 2024 Splunk Inc. All rights reserved.
© 2024 SPLUNK INC.

4. © 2024 SPLUNK INC.
What is AI and Machine Learning?
Artificial Intelligence (AI) - capability of a computer system to mimic
human cognitive functions such as learning and problem-solving
Machine Learning (ML) - subset of AI that uses mathematical models
of data to help a computer learn without direct instruction
Deep Learning (DL) - subset of ML that uses computationally intense
ML models inspired by the “deep” layers of the biological neural
network of the human brain to accomplish complex goals like image
recognition Example: Self driving car recognizes stop sign
Generative AI - subset of DL that involves the use of algorithms and
techniques to generate new data, things that have not existed in the
world before being created by the models Example: OpenAI’s ChatGPT
Definitions
Machine
Learning (ML)
Deep Learning
(DL)
Generative AI
(GenAI)
Artificial
Intelligence
(AI)

5. © 2024 SPLUNK INC.
AI Brings Both New Threats and
Opportunities
● Data Privacy
● Inaccurate Model Outputs
● Expanded Attack Surface Area
● Detect Important Events
● Provide Context
● Free Users from Basic Tasks
Threats Opportunities

6. © 2024 SPLUNK INC.
Generative AI
is just one of
many AI tools
for common
SecOps,
ITOps, and
engineering
challenges
Embedded
capabilities within
products
Customizable
ML, Deep
Learning, and
Data Science
Tools
AI Libraries
and APIs
for
Developers
Generative
AI Chatbots
Guided
Assistive
Workflows
Today’s generative AI
may not always be the
best tool for the job
AI
Tools

7. © 2024 SPLUNK INC.
© 2024 SPLUNK INC.
Why should
you use
Splunk AI?

8. © 2023 SPLUNK INC.
Companies that adopt
machine learning are
twice as likely (66%) to
be prepared for the
demands of a recession,
compared to those that
do not (34%)
Taken from the Digital Resilience Pays Off report
Driving Digital
Resilience

9. © 2024 SPLUNK INC.
Benefits of Using Machine Learning
Common outcomes from successful ML projects
Increase Efficiency
Reduce Manual
Processes
Identify ‘Unknown
Unknowns’

10. © 2024 SPLUNK INC.
We have been implementing AI for
years… and so did our customers!
Splunk has long been committed to helping customers use AI
Leader in 2022
GigaOm Radar
for AIOps
A Leader in the
AIOps Radar for
4 consecutive
years
Highest Scoring
Product in
Selecting an
AIOps Solution for
2 years
Leader in 2022
GigaOm Radar
for AIOps
Market Leader:
Vendor Selection
Matrix™ AIOps
Solutions

11. © 2024 SPLUNK INC.
Our Approach to AI is
Driven by Three Principles

12. © 2024 SPLUNK INC.
Foundational and Generative AI
Combining predictive analytics, accelerated investigation, and workflow enhancements
Correlate and
Diagnose
Aggregate and analyze all
data to investigate and identify
root causes
Detect and
Predict
Real-time, streaming
analysis to detect
anomalies and
forecast trends
Make Everyone an
Expert
Reduce need for environment
and tool expertise by simplifying
content creation and investigation
workflows
Foundational AI Capabilities
Generative AI Capabilities

13. © 2024 SPLUNK INC.
Using AI
for Security

14. © 2024 SPLUNK INC.
— CISO, Higher Education,
26,000 employees
“We learn in cyber after
the fact, with AI and GAI
we can be more
proactive, and it may
help us with skills
shortages.”
Love it or hate it
— AI is here to stay
● 70% of CISOs believe AI gives the advantage
to attackers over defenders. Yet,
● Automation is underway, and AI will accelerate it
further.
are already experimenting with it for
cyber defense.
of CISOs have extensively or
moderately automated their
processes, and AI will only increase
that percentage in the future.
Source: Splunk CISO Report 2023

15. © 2024 SPLUNK INC.
Identifying User
Access Anomalies Using ML for
Threat Hunting
Detecting
Malicious
Patterns of
Network
Traffic
Detecting
Domain
Generating
Algorithms
(DGAs)
Finding
Command Line
Anomalies
Detecting
Fraudulent
Activity
AI for Security
Predicting Data
Downtime
Spotting
Potential Insider
Threats
Demystifying
Security Searches
with the Splunk AI
Assistant

16. © 2024 SPLUNK INC.
Model Assisted Threat Hunting
Prepare, Execute and Act with Knowledge
Prepare Act
Execute
Knowledge
Select Topic
Research Topic
Identify Datasets
Select Algorithms
Gather Data
Pre-process Data
Develop Model
Apply Model
Analyse
Refine
Escalate Critical Findings
Preserve Hunt
Document findings
Create Detections
Re-add Topic to Backlog
Communicate Findings

17. © 2024 SPLUNK INC.

18. © 2024 SPLUNK INC.

19. © 2024 SPLUNK INC.
Using AI for
Observability

20. © 2024 SPLUNK INC.
Forecasting
Resource
Utilization
Detecting Service
Performance
Issues
User
Experience
Monitoring
Cell Tower
Monitoring
Predictive
Maintenance
Noise
Reduction
AI for Observability
Predicting Data
Downtime
Geohazards
Monitoring
https://www.splunk.com/en_us/form/splunk-machine-learning-for-observability-use-case-guide.html

21. © 2024 SPLUNK INC.
Detecting
Service
Performance
Issues
https://www.splunk.com/en_us/form/digital-resilience-pays-off.html
Each hour of
downtime can cost
$365,000

22. © 2024 SPLUNK INC.
Send
data from systems,
devices, and people
Define KPIs
in iterations as you
explore and
understand your data
Baseline
with AI assistants and
react quickly to
changing circumstances
Detecting Service Performance Issues
Splunk’s Approach
Predict
negative impacts
before they
happen with AI
Take Actions
that drive impact
across your
business

23. © 2024 SPLUNK INC.
Sounds great,
what’s the
catch?

24. 78% of Machine
Learning
Projects:

25. © 2024 SPLUNK INC.
Developing a Model
Collect/refine data
Feature
engineering
Label, visualise,
analyze data
Build, buy, train
or customise a
model
Assess the
business problem
and value
Continuously assess
model & infrastructure
performance
Deploy model
to production
Re-train
production
model
Optimise the
model,
assess
infrastructure
What Operationalisation actually looks like

26. © 2024 SPLUNK INC.
Complexity
Value
Develop /
train a
model
Label,
visualise,
analyse data
Feature
engineering
Collect /
refine data
Deploy
model to
production
Re-train
production
model
Continuously
assess
performance
Experimentation
Productionisation
Optimise &
assess
Developing a Model
What Operationalisation actually looks like

27. © 2024 SPLUNK INC.
Complexity
Value
Collect /
refine data
Deploy
model to
production
Re-train
production
model
Continuously
assess
performance
Productionisation
Develop /
train a
model
Label,
visualise,
analyse data
Feature
engineering
Experimentation
Optimise &
assess
Mind the
gap
Developing a Model
What Operationalisation actually looks like

28. © 2024 SPLUNK INC.
So What Should I Do About It?
Set clear
objectives
Assess
integration
points
Keep it
simple
What are the
outcomes you are
trying to achieve?
Make sure you are
adopting AI in places
that benefit the
business
Make sure what you
develop during an
experiment will
translate into
production code
Quite often simple
statistics can provide
approximations that
are almost as good as
an advanced deep
learning algorithm

29. © 2024 SPLUNK INC.
https://www.splunk.com/en_us/form/security-use-case-enhanced-by-ai-and-ml.html

30. © 2024 SPLUNK INC.
Thank You