(upbeat music) >> Narrator: Live from Orlando, Florida. It's theCUBE, covering .conf 18 brought to you by Splunk >> Welcome back to Orlando, everybody. This is Dave Vellante with Stu Miniman You're watching theCUBE, the leader in live tech coverage. We go out to events, we extract the signal from the noise. This is day two of Splunk's big user conference #Splunkconf18 Winding down, Stu. Been quite an amazing two days just said Doug Paradon had tons of customers, a lot of security talk today. Luke Bampton is here, another security expert, he's the application security specialists with SecurePay, >> Hi guys >> from Australia. Hi, how ya doing, mate? >> Good, not bad, can you tell that I'm from Australia, or not so much from the accent? >> That rack of beer you got down there gives it away. >> Haha, yeah (laughing) >> Australians like beer or so they say. But they don't drink Fosters so I hear. >> No, no, no such thing, actually, it's yeah, >> That's great marketing to dumb Americans. >> Yeah, a very common misconception though, so kudos to you for picking it up. >> Well, we were talking about the Melbourne Cup, but we'll get back to that later. But lets talk about SecurePay. >> Luke: Sure >> What do you guys do and what's your role there? >> Yeah so, we're an online payment gateway, so we help businesses trade online facilitating e-commerce, so we're actually owned by Australia Post so, Australia's premiere mail network. So that gives us kind of a unique competitive advantage being able to sell both parceled delivery and payments facilitation all in one service to our customers. Um, makes it really compelling offering to customers have an all in one kind of one-stop shop for all their e-commence needs. >> What's your role and what are the big drivers from the business or the operations that are effecting that role? >> So my role is an Application Security Specialist, so I look after a lot of the PCI, DSS constraints, so payment card industry, data security standard. I do a lot of stuff around vulnerability management, card reviews, penetration testing, web application, firewall administration, I work very heavily with our SOC guys work very heavily with our network, security team, platform application, you name it, we do it pretty much. >> So-- >> Yeah, yeah I mean security obviously for a payment company is pretty important, maybe you can talk about you know, what was changing in the industry, how does that impact your job? >> Yeah, so financial tech or fin tech has kind of boomed in Australia. If not the world in the last like five ten years, so there are a lot of new companies, and so therefore, it's driving a lot of innovation. So big players even like SecurePay are even feeling that, feeling that desire to work faster, more agile, and be more competitive in market, and that means a lot of change, a lot of fast paced change, especially when you're dealing with industry regulation such as calculating surcharges on the flyer, making sure the people aren't skimming off the top of what is just what it's supposed to be at cost covering exercise. For our merchants, so competing with legislative changes competing with industry changes, best practice, and if payments stopped then your entire ecosystem stops, and the economy stops. >> Yeah, so, I see hear application security, and I'm a networking guy by background so I start thinking level four through say, layer four through seven. Bring us inside a little bit. What your team does and kind of solutions you're using, I would expect Splunk's, piece of it, what's the stack and security layer look like? >> Yeah, sure, so from a security viewpoint, SecurePay being a subsidiary and being a payment card provider kind of has to be stand alone, so we can't leverage, we have to manage a lot of stuff in-house, I should say. Um, so what that means is basically you have to think of it as condensing your entire organization into a team of like five, six, seven. And really making the most of your products that you've got available to you. So that means really making the most of technologies out of the firewall space, out of the application security space, code scanning, basically everything that you'd expect a full blown enterprise to do, only with a much smaller team, much smaller budget, which means you've got a lot of competing priorities all the time. >> So when you say, in house, I'm inferring that means a lot on PREM as well or not sure? >> Yeah so at the moment, we are prominently on PREM, in terms of our infrastructure, we are moving to more of a hybrid cloud, particularly with non production environmentS. But, with that said, everything's got to be to be in line with all of the network controls, all of the application controls, segmentation all the rest of it is required under PCI. As far as individual tooling is concerned, we work very heavily with Splunk in terms of the event correlation, event management, alerting. Our risk guys use it to fraud profile, and risk profile both our merchants and our customers. And really like just keep an eye on what's going on in the overall enrollments payment ecosystem. Not only for our customers, but also for customers in the overall payment scene, because we hold relationships with other significant players, we can give them a head's up of what's going on. So any market trends, intelligence, like sharing, makes it a really good place to be. >> How long have you been a Splunk customer? >> So we've been a Splunk customer about 18 months now. >> Okay great. So relatively recent? >> Yeah. >> Tell us about life, what was the catalyst to bring Splunk in? What was life like before and the after? >> Yeah, so, the catalyst for bringing Splunk in was really the contract negotiation with our parent company in Australian Post. So we've moved away from our previous tooling and moved to Splunk. I'll be honest, there wasn't a huge adoption 'cause there was so much going on at that point in time, but about twelve months ago, we started really investing heavily in optimizing our instance of Splunk cloud, to the point where we're now able to leverage it's functionality in terms of application monitoring, making logs available and searchable. Just make things a lot more visible for even our senior leadership team to come up and see a dashboard on a TV screen on a wall and be like, "Hey, we're doing really well today". Or "hey, what's with that number, do I need," "is there something that I need to know?" The power of visibility when you're talking to leadership teams is just amazing. >> And you couldn't do this before, or you could do it would take a lot more resources? >> Yeah, exactly. You could do it, it's just that it's a lot less visual, and a lot more time intensive to actually pull that out. So where Splunk has really assisted us is in the ease of reporting, and the visibility and speed with which we can deliver the information required. So, with our previous tools, there was an issue with the timeliness of the data, so by the time that we'd actually pulled it out, taken the core insights that we needed it was probably not as accurate, or as up to date as what we like, and being in high paced financial industry time is money. >> So what have you done with that extra time is it just sort of perfecting the dashboards and the reporting and that process, or have you shifted resources to other activities? >> Yeah, so I mean when you're dealing with such a small team, time is key. And really that reporting time got shifted away and back into the hands of more technical on hands, technical uplift. You have more time you know, making sure that your firewall rules are correct, you've got more time making sure that you're applications, and your code reviews are going well, and you're clearing pipelines, and you're looking at training, you're looking for indicators of compromise instead of just kind of sitting there hoping that your current configures okay, but knowing that you could probably give it some more love if you had more time. >> Alright, yup Luke, one of the things we talked to a lot of customers about is that they start with a specific use case for Splunk, but then the business starts asking questions other groups get involved, what's your experience? >> Yeah, no, as our experience in that field is exactly the same, so we brought Splunk onboard purely as a seam for the security team to use. And it got to the point where you had say the sales team approach us and were like, "hey we know that you" "guys are pulling out a lot of metrics about" "our customers and what activities are going on in system," "is there any way we can leverage this" "to say calculate profitability for various accounts" "or you know can we offer bulk discounts?" Or you know, whatever so it kind of starts getting extended to the sales team, and then the customer service guys came aboard and they're like, "Hey, if we had access to this information" "sooner, we could better service our customers." And that offering itself was really powerful because it has a direct impact on our ability to deliver as a service provider. And it just keeps growing, and growing and growing to the point where pretty much every single team uses Splunk in some way, shape, or form, and are getting real value out of it. >> Now, when you say every single team, >> Yeah >> You mean across the company or? >> Yeah, just, across our company, so across SecurePay, so from the infrastructure guys to the network guys to the dev team, to the QA's to the BA's, just yeah. >> What about well, so we heard a lot of announcements today there sort of positioning Splunk for the lines of business the business users, the less technical folks. Do you see that happening in the near to midterm? >> Yeah, so that has. That's going to have a big impact as to where we sit, so on our current experience has been with the internal customers using Splunk who aren't as technical because we are using Splunk Cloud and we've got that shared like service pool from Splunk. Can unfortunately impact the ability of users who do need access to certain things, in a faster manner can be limited sometimes. So the ability to actually give those guys the ability to self serve a little bit bettter, up skill and actually kind of kind of teach them to fish as opposed as to delivering fish. Is really going to be very powerful, and it's just going to be it's going to be something to play to Splunk's credit. >> How large of an installation are you? How do you measure that, is that like, I guess it's gigabytes or terabytes right? >> Yeah, so in terms about our daughter in just I'm not 100% sure. I think we're, the majority of our logging comes out of our firewalls and perimeter stuff, as you'd expect, being a public facing organization so we've always got scans and whatever going on. But, in terms of the rest of our ingest, >> Dave: So small, medium or large? >> Yeah, I'd say we're probably, small or medium, depending on our ingest. So SecurePay for reference is only about 100, 120 people strong. So, we try to keep things as agile as possible and as lightweight as possible and Splunk's kind of there to support that because we can, we know when we're hitting our overhead and what we can do to actually kind of peg that back or wrap it up and where we've got the head room. >> Things you'd like to see Splunk do, what's on their to do list? >> That's a fantastic question, I'd like to, so I'm personally not a Splunk ninja by any means, I'm still very new, so given the fact that we've only had Splunk for about 18 months I would like, there are people here who would Splunk me into the ground. (laughing) >> But, >> That sounds vicious. (laughing) >> But personally what I'd like to see is a lot of that natural language translation stuff coming through that they announced, Can be really, really powerful. Just to empower those guys who haven't got quite like trying to reduce that barrier to entry rather than in nothing else. >> Luke, thanks so much for coming on theCUBE and good luck >> Yeah, no worries. >> with the future. That's it for us too, that's a wrap, I mean your final thoughts, you want to bring it home? >> Yeah, at the crossroads at day to day, it's really amazing to see this, they going to have WAS tomorrow, they got a huge party at Universal, so it's been a great experience for me, I really appreciate ya you know coming and sharing the ride. >> My pleasure. It's all about the data. We're seeing, we've watched the ascendancy of Splunk, Splunk went public with a very little of the cash, forty million dollars in cash, got to the public markets been growing like crazy, we're seeing a massive CAM expansion now into lines of business and new areas like IOT, so we're actually very excited about Splunk. We really appreciate them having us here. Busy month for theCUBE. theCUBE team's packing up. I'll be going to Miami. Stu will be going to Miami. You guys will be going to Miami. You guys are going back to California. We'll see you next week. Check out the Cube.net it will show you where theCUBE is for all the shows, checkout siliconangle.com for all the news. Some big news today, so look for that in the big data space Hortonworks and Cloudera merging evidently, just just came across the wire, wow. Hatfields and the McCoys. And, check out wikibottom.org sorry wikibottom.com for all the research. Thanks for watching everybody, This is theCUBE, we're out from Splunk .conf 2018 We'll see you next time. (upbeat music)