Power the SOC of the Future with scale, speed and choice - Splunk Public Sector Summit 2024 Sprecher: Matthias Maier (Security Market Advisor, EMEA CEH, CISSP, CISM)

1. © 2024 SPLUNK INC.
Power the SOC
of the Future
with scale, speed
and choice.

2. Forward-
looking
statements
This presentation may contain forward-looking statements regarding future events, plans or the expected financial
performance of our company, including our expectations regarding our products, technology, strategy, customers,
markets, acquisitions and investments. These statements reflect management’s current expectations, estimates and
assumptions based on the information currently available to us. These forward-looking statements are not
guarantees of future performance and involve significant risks, uncertainties and other factors that may cause our
actual results, performance or achievements to be materially different from results, performance or achievements
expressed or implied by the forward-looking statements contained in this presentation.
For additional information about factors that could cause actual results to differ materially from those described in
the forward-looking statements made in this presentation, please refer to our periodic reports and other filings with
the SEC, including the risk factors identified in our most recent quarterly reports on Form 10-Q and annual reports on
Form 10-K, copies of which may be obtained by visiting the Splunk Investor Relations website at
www.investors.splunk.com or the SEC's website at www.sec.gov. The forward-looking statements made in this
presentation are made as of the time and date of this presentation. If reviewed after the initial presentation, even if
made available by us, on our website or otherwise, it may not contain current or accurate information. We disclaim
any obligation to update or revise any forward-looking statement based on new information, future events or
otherwise, except as required by applicable law.
In addition, any information about our roadmap outlines our general product direction and is subject to change at
any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other
commitment. We undertake no obligation either to develop the features or functionalities described, in beta or in
preview (used interchangeably), or to include any such feature or functionality in a future release.
Splunk, Splunk> and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United
States and other countries. All other brand names, product names or trademarks belong to their respective owners.
© 2024 Splunk Inc. All rights reserved.
© 2024 SPLUNK INC.

3. © 2024 SPLUNK INC.
Matthias Maier
Security Market Advisor, EMEA
CEH, CISSP, CISM

4. The SOC of the future

5. © 2024 SPLUNK INC.
The SOC of the
Future
Unified Threat
Detection,
Investigation
and Response
at the Core.

6. We gone a long way

7. © 2024 SPLUNK INC.
Building on SIEM to
drive continued
innovation to
evolve the SOC
2009 2015 2016 2017 2018 2019 2020 2021 2022 2023
Enterprise Security
UBA
Security Content & Threat Research Team
SOAR
Risk Based Alerting in Enterprise Security
SURGe
Threat Intelligence Management
Open Cybersecurity Schema Framework
Attack Analyzer
Cloud-Based Behavioral Analytics
Mission Control
Today

8. You will go a long way, too!
We will meet you wherever
you are!

9. © 2024 SPLUNK INC.
Forging a path to digital resilience
Search, monitor and
investigate for real-
time security
monitoring.
Reduce noise, detect
more threats and
identify risk with AI/ML
powered detections.
Accelerate incident
investigations and
response using
automation.
Maximize SOC
efficiency with
integrated threat
detection, investigation
and response.
Foundational
Visibility
Guided
Insights
Proactive
Response
Unified
Workflows
See across
environments
Detect threats and
issues with context
Get ahead of
issues
Collaborate
Seamlessly
Accelerated by Splunk AI

10. © 2024 SPLUNK INC.
Foundational
Visibility
Guided
Insights
Proactive
Response
Unified
Workflows
See across
environments
Detect threats and
issues with context
Get ahead of
issues
Collaborate
Seamlessly
Foundational use cases
Providing the critical capabilities on your resilience journey
Automate Threat Analysis
Automate Containment &
Response Actions
Orchestrate Response
Workflows
Automate Complete TDIR Life Cycle
Standardize SOC Processes using
Response Templates
Automate Recovery Playbooks
Federate Access & Analytics
Data Optimization
Security Monitoring
Incident Management
Asset Discovery &
Management
Compliance
Visualization & Reporting
Threat Intelligence
Enrichment
Leverage Cybersecurity
Frameworks
Risk Based Alerting
Anomaly Detection
Threat Hunting
Accelerated by Splunk AI

11. The AI & Automation
future ahead!
The double click into
advancements for SecOps

12. © 2024 SPLUNK INC.
What’s next? Our
critical security
innovation areas
Unified TDIR with automated workflows
World-Class detections
Insider threat, risk and compliance
Federation
AI-guided workflows

13. © 2024 SPLUNK INC.
Foundational and Generative AI
Combining predictive analytics, accelerated investigation, and workflow enhancements
Correlate and
Diagnose
Aggregate and analyze all
data to investigate and identify
root causes
Detect and
Predict
Real-time, streaming
analysis to detect
anomalies and
forecast trends
Make Everyone an
Expert
Reduce need for environment
and tool expertise by simplifying
content creation and investigation
workflows
Foundational AI Capabilities
Generative AI Capabilities

14. © 2024 SPLUNK INC.
Foundational and Generative AI
Combining predictive analytics, accelerated investigation, and workflow enhancements
Correlate and
Diagnose
Aggregate and analyze all
data to investigate and identify
root causes
Detect and
Predict
Real-time, streaming
analysis to detect
anomalies and
forecast trends
Make Everyone an
Expert
Reduce need for environment
and tool expertise by simplifying
content creation and investigation
workflows
Foundational AI Capabilities
Generative AI Capabilities

15. © 2024 SPLUNK INC. | Splunk Confidential and Internal - Do Not Distribute
Upskill new and advanced
Splunk users quickly.
Translate bi-directionally
between NL and SPL.
Receive personalized
recommendations.
New:
AI Assistant 1.0

16. AI Assistant 2.0
- In your Workflow

17. AI Assistant 3.0

18. © 2024 SPLUNK INC.
Foundational and Generative AI
Combining predictive analytics, accelerated investigation, and workflow enhancements
Correlate and
Diagnose
Aggregate and analyze all
data to investigate and identify
root causes
Detect and
Predict
Real-time, streaming
analysis to detect
anomalies and
forecast trends
Make Everyone an
Expert
Reduce need for environment
and tool expertise by simplifying
content creation and investigation
workflows
Foundational AI Capabilities
Generative AI Capabilities

19. Level 1
AI Detections

20. © 2024 SPLUNK INC.
Introductory
use cases for
using AI for
security.
Foundational AI for Security

21. © 2024 SPLUNK INC.
Splunk Enterprise Security
with ML-Powered Content Updates from the Splunk Machine Learning for Security Team
Foundational AI for Security
Study Threats
Identify emerging threats and understand how they operate
Create Datasets
Collect data and use Splunk to parse the data and identify patterns that can be used to detect the threat
Build ML-Powered Detections
Build a model based on data in order to make predictions or decisions; enable systems to learn from data, identify patterns,
and make decisions with minimal human intervention; and craft rules or queries designed to identify specific activity associated
with threats
Test Detections
Run queries against a dataset that simulates attacker behavior to improve accuracy and reduce false positives
Release
Package detections to deliver timely and effective protections against emerging threats to Splunk customers

22. Level 2
Workflow end-to-end to manage and
operationalize anomaly detection tasks

23. © 2024 SPLUNK INC.
Splunk App for Anomaly Detection
Find anomalies in time-series datasets in just a few clicks!
Beginner friendly
No need for complex SPL queries, parameter tuning, or
knowledge of statistics
Quick and simple
The app detects anomalies with a couple of clicks - no
trial and error required
Helps ensure accuracy
Health check diagnostics determine if the user’s dataset is
fit for anomaly detection with the app’s algorithm
End-to-end operationalization workflow
Create anomaly detection jobs to run at regular intervals
and generate alerts
Splunk Enterprise 9.1, Splunk Cloud Platform
Foundational AI for Security

24. © 2024 SPLUNK INC.
Splunk App for Behavioral Profiling
Foundational AI for Security
Deploy Behavioral Anomaly Rules
Define and schedule behavioral indicators and scoring rules
with the help of a guided workflow
Investigate Entities
Utilise the dashboards provided to view and drill-down on the
entities which have the highest behavioral scores
Monitor Performance
Ensure your rules continue to execute effectively by monitoring
their performance and output

25. Level 3
New techniques to defend

26. © 2024 SPLUNK INC.
Splunk Attack Analyzer
Examples of AI built into products

27. Level 4
Automated Investigation
Automated Scoping
Automated Remediation
Unified Analyst Experience

30. What is the future of SIEM?
What is the future with Cisco?

31. © 2024 SPLUNK INC.
SIEM Spending Outlook - European

32. © 2024 SPLUNK INC.
© 2024 SPLUNK INC.
We will deliver
with unparalleled data.
Unparalleled
data
User feedback enriches the model
Better Security
& Observability
outcomes
High-efficacy
LLM
Stronger AI
capabilities
Unique data from Cisco
network, endpoint, device, cloud
Unique data from Splunk
security and observability across diverse tech landscape

33. © 2024 SPLUNK INC.
Thank You