Splunk is a data platform that helps security teams, IT professionals, developers, and just about anyone else use data to see across all of their digital systems to understand if they are secure, performing well, and where there are opportunities for improvements.
“The world today is driven by an explosion of new technologies and innovations. Such advancements are fuelled by data, and create more data. So it is clear that the organisations that will thrive are those that have a strong data and technology foundation. Trusted by 90 of the Fortune 100 companies, Splunk is the data platform leader for security and observability, that helps global organisations remove the barriers between data and action so that everyone thrives in the Data Age,” said Garth Fort, senior vice president and Chief Product Officer, Splunk.
In an exclusive interview with Analytics India Magazine, Garth spoke about Splunk’s journey.
AIM: From network security to analytics and observability, how would you describe Splunk’s journey from 2003 to date?
Garth Fort: Founded in 2003, Splunk’s mission has always been to remove the barriers between data and action. We had a simple idea of how we could use indexing and searching log files to help IT professionals troubleshoot issues in their environment. Over the past 19 years, we have expanded through 17 acquisitions to help customers address a much broader set of capabilities that help customers in IT, Security, Application Development, and Site Reliability Engineering. With the onset of the pandemic, we have witnessed how remote work and digital transformation quickly went from a priority to an urgent imperative.
Today, Splunk is a global company — with over 7,500 employees across 30 regions around the world — that offers an open, extensible data platform that supports shared data across any environment so that all teams in an organisation can get end-to-end visibility, with context, for every interaction and business process.
Over the years, Splunk has also invested in building a strong partner network which has seen a massive expansion. This ecosystem brings forth partners from across the IT, security, and analytics market and extends Splunk’s reach to customers in new geographies broadening its product offerings. The Splunk Partnerverse Program empowers our network of over 2,200 partners. It helps customers identify and collaborate with the right partners faster. Leverage proven solutions to reach their critical missions and outcomes in the cloud and underscores our continued commitment to our partner network.
As per Full Year, 2022 Financial results ending Jan 31 2022, Splunk’s cloud revenue was USD 944 million, up 70 percent year-over-year, with total revenues at USD 2.67 billion, up 20 percent year-over-year, a testament to our growth story. We continue to invest heavily in R&D to deliver new products and features that support our core differentiation: gaining operational insights from data in real-time.
AIM: Today, Splunk helps thousands of customers improve security, drive resilience, and unlock innovation. How do you do it?
Garth Fort: The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organisations are secure, resilient and innovative. When it comes to investigating, monitoring, analysing and acting on the data, Splunk stands out by breaking down barriers to action, transforming data into results, and protecting the business with its unique data platform for the hybrid world.
Designed for the hybrid world: Splunk is a single platform designed for the way companies work, with the capabilities that businesses demand.
· Splunk Cloud enables businesses to make confident decisions and take decisive action on insights from the derived data without purchasing, managing or deploying infrastructure. Splunk Enterprise scales to hundreds of terabytes per day to meet the needs of any organisation and supports clustering, high availability and disaster recovery configurations. It protects the company’s data and adheres to industry and international compliance regulations, like GDPR, with role-based access controls, secure data handling, simplified auditing and assurance of data integrity.
Security: Splunk’s security products and solutions give our customers the actionable intelligence and advanced analytics to strengthen their cyber security defence.
· Splunk Enterprise Security is our solution for Security Information and Event Management. It ingests and combs through a high volume of data in mere seconds to find and alert on unusual behaviour, offering real-time insight to protect the business. Splunk is used by large enterprises for end-to-end security operations – including posture assessment, monitoring, alert and incident handling, breach analysis and response, and event correlation.
· SOAR (Security Orchestration, Automation and Response) technologies enable organisations to efficiently observe, understand, decide upon and act on security incidents from a single interface. It enables them to handle more incidents, investigate the most important issues more deeply, and broadly improve their overall security posture.
Proud to be named a “Leader” in Gartner’s Magic Quadrant (MQ) for SIEM for eight years, Splunk’s analytics-driven security solutions provide a comprehensive approach to cybersecurity, including advanced techniques like machine learning and behavioural analytics. These techniques help security teams quickly identify, investigate, and respond to threats based on a broader security context than is possible with legacy security products.
· Observability: The pandemic-era rush of cloud adoption has increased monitoring challenges for traditional IT teams. However, as more IT organisations are experiencing the visibility challenges of hybrid, multi-cloud infrastructure, they’re also more readily identifying observability as the solution. Splunk Observability Cloud provides full-fidelity monitoring and troubleshooting across infrastructure, applications, and user interfaces, in real-time and at any scale, to help keep services reliable, deliver great customer experience and innovate faster. Splunk Observability Cloud’s suite of products and features enables businesses to quickly and intelligently respond to outages and identify root causes while also giving the data-driven guidance teams need to optimise performance and productivity going forward. This includes Splunk Infrastructure Monitoring which helps companies gain insights and perform powerful, capable analytics on infrastructure, Splunk Application Performance Monitoring, which collects traces and spans to monitor distributed applications connected to Splunk Observability Cloud to give full-fidelity access to all the application data, and Splunk Real User Monitoring that provides insights about the performance and health of the front-end user experience of the application by collecting performance metrics, web vitals, errors, and other forms of data to detect and troubleshoot problems among others.
AIM: How does Splunk use AI/ML?
Garth Fort: Splunk’s platform and products leverage AI and ML capabilities to help solve a range of business problems.
A good example is Lenovo, a USD 50 billion multinational technology company providing smart devices to consumers and businesses in 180 markets globally that relies on the Splunk Observability Cloud to better respond to changing consumer preferences in the evolving e-commerce landscape. The Lenovo team uses full-fidelity data and predictive analytics to monitor infrastructure performance at the cloud scale. Splunk’s AI-driven analytics helped Lenovo cut troubleshooting time in half, reduced the total cost of ownership and maintained 100 percent uptime despite a 300 percent increase in web traffic.
Another example is Hyphen Group, a leading financial technology company in Southeast Asia, that needed to bridge the gap between software development and IT operations to boost its DevOps pipeline. The cross-functional teams across engineering and infrastructure operations needed a better way to communicate and collaborate. With Splunk Observability Cloud, Hyphen Group relied on the analytics-powered platform to proactively uncover issues across the entire frontend and backend stack. The troubleshooting time has been reduced from hours to minutes, and the infrastructure deployment is now 8x faster, enabling reliable customer experience and faster time to market for new products and services.
Hong Kong Internet eXchange (HKIX) is one of Asia Pacific’s largest internet exchange points, supporting fast and easy interconnections among local and international networks. HKIX wanted to move from reactive to proactive information security management, as troubleshooting from disparate devices consumed time and created efficiency challenges. With Splunk Cloud streaming and machine learning capabilities, laborious issue management has been replaced with real-time visualisations and holistic system visibility for better operations and ISO 27001 compliance.
AIM: What makes Splunk unique?
Garth Fort: Splunk is unique in its ability to help organisations turn data into doing. One of the early innovations in our history was our system that infers the schema of a dataset when we first read it, as opposed to having that data model defined in advance of writing the data to the hard drive. This flexibility has allowed customers to use our powerful search, analytics, and visualisation capabilities over an incredibly wide format of various sources of machine data. We’ve seen Splunk used for optimising display advertising placement on cable set-top boxes or visualising in real-time the health of the systems on ships designed to lay fibre-optic cables on the floor of the ocean. Splunk provides robust and powerful solutions to various use cases, be it security, IT ops management or IoT-based products. With its wide range of market-leading purpose-built solutions and ease of use and deployment, Splunk helps customers gain an edge over their competitors.
Splunk’s platform is the only solution on the market that offers an investigative approach that allows our customers to ingest and act on data, no matter its format, across different parts of an organisation. Therefore, while Splunk may have hundreds of different competitors that tackle various point solutions, none offer the ability to do this across the business on the same platform and provides insights across all technology stacks used by various business units, be it on-premises, in the cloud or hybrid. This is uniquely Splunk and what Splunk does best- consolidating massive amounts of data across an entire organisation, digesting it and making sense of it.
AIM: Though Splunk has become a global brand name, only about ~35% of its revenue base comes from international markets. Why?
Garth Fort: Some of this is just a function of timing. We started in North America back when we were founded in 2002 and frankly could grow our business there at a rapid clip over nearly two decades. Our international footprint came later on, but we believe we’ll see continued rapid growth abroad through both our EMEA and APAC sales theatres. Today, Splunk Cloud serves customers in over 20 regions spanning both Amazon Web Services and the Google Cloud Platform, and we’re planning to expand to at least two more regions this year.
AIM: How big is the Indian market for Splunk? What are the opportunities?
Garth Fort: Per the latest IDC report, India’s public cloud services (PCS) market, including IaaS, PaaS, and SaaS, the revenue totalled USD 2.2 billion for the first half of 2021. The overall Indian public cloud services market will reach USD 10.8 billion by 2025, growing at a CAGR of 24.1 percent from 2020-25. These figures reflect tremendous growth opportunities for Splunk as a data platform leader for security and observability, in a fast-growing Indian cloud market.
Making inroads into the Indian market has been enabled by a strong partner ecosystem. Successful collaboration with local partners has allowed us to reach more customers and help them unlock innovation and embrace the cloud.
When it comes to advanced technology adoption, India is at the forefront compared to its global peers. Our latest State of Security Report revealed that Indian organisations are on the leading edge in adopting security infrastructure. 72 percent of Indian companies report extensive adoption versus 28 percent of their peers in the rest of the world. In addition to this, they have been integrating non-security analytics with security analytics to improve decision-making. 77 percent of the respondents reported significant integration versus 37 percent across other countries.
These findings tell us that Indian business leaders prioritise cybersecurity and stay ahead by investing in robust, predictive cybersecurity solutions and analytics. Splunk’s best in class, advanced analytics solutions, proven to support an expansive set of use cases, address the needs of businesses in India.
In addition to this, we recently conducted a survey which examines how observability is helping reduce costs while increasing innovation. The State of Observability Report revealed that the most sophisticated observability practitioners could cut downtime costs by 90 percent, from an estimated USD 23.8 million annually to just USD 2.5 million, compared to observability beginners. Once again, we learnt that Indian businesses are further along in the observability journey compared to their global counterparts. The report highlighted that only 29 percent of Indian organisations are rated as beginners, versus 62 percent, on average, across other countries, and 69 percent of Indian organisations were more likely to report that their start in observability was in part driven by a top-down mandate from leadership, versus 45 percent on average across other countries.
These are exciting statistics for us at Splunk as it reiterates that while observability as a practice may still be relatively new to the market, business leaders in India are already implementing observability in their businesses and have benefitted from observability. The opportunity for Splunk to quickly expand to more use cases across sectors is immense.
Lastly, last October, we announced the availability of Splunk Cloud Platform on Amazon Web Services (AWS) Marketplace to meet India’s digital transformation needs. Through this, Indian businesses have seamlessly procured and deployed Splunk Cloud Platform via AWS Marketplace. It ensures fast time-to-value for customers leveraging Splunk solutions to gain an additional layer of real-time security and operational and cost management insights across their AWS and hybrid environments. This availability brings great flexibility to our customers, and we are committed to bringing the solutions that matter to the India market.
AIM: For long, Splunk was a license-based software vendor. Did it change after moving into SaaS model?
Garth Fort: We’re constantly listening to customers for feedback around pricing and licensing. Several years ago, we shifted from perpetual to term licensing, and with the shift to a SaaS-based delivery model, we’re continuing the transition to cloud subscriptions. Our original model was based on the daily volume of data customers would ingest through Splunk. This model was simple to understand and measure and was considered a fair “pay as you go” model.
As customer deployments grew, we had feedback from customers that they wanted to align their pricing to their usage of Splunk vs the raw size of the data, so we introduced Workload pricing that aligns better with how customers received value from their usage of our products. We have seen this model adopted quite rapidly since it can help customers save money while at the same time accelerating usage.
AIM: What does the future hold for the company?
Garth Fort: My crystal ball has been a little cloudy over the last two years, and frankly, we have all been reacting to an unpredictable pandemic. What I can say for certain is that I think our customers leaned in with Splunk as their workforce went remote, and they doubled down on their digital transformation. We have no shortage of things our customers are asking us to build, and you can see thousands of suggestions for yourself by visiting the Ideas page on our website. We also hired thousands of new Splunkers over the last two years across every part of the company.
Globally, Splunk is a trusted technology provider to both government agencies across the Asia Pacific as well as to several multinational companies and financial institutions- from the City of Gold Coast, Australia, the Government Service Insurance System in the Philippines to the Tokyo Stock Exchange and the Hong Kong Internet eXchange to name a few. In India, Splunk is actively supporting these sectors, including providing comprehensive cloud services and solutions to one of the largest private banks in India.As the Government of India takes aggressive initiatives toward digital adoption, Splunk is committed to the India market. We believe that we will play an important role in enabling organisations in India to thrive in the digital age.