It’s our favorite time of the year as partners from across the globe gather at our annual Global Partner Summit (GPS) in Las Vegas this week. Our partners are essential to our success, and GPS is a key moment where we get to celebrate our joint achievements and highlight our partner ecosystem. In that spirit, we're excited to kick off our new Partner Spotlight series, where we'll interview different partners in our ecosystem.
In this inaugural edition, we highlight Peter Doggart (@peterdoggart), VP of Business Development at Symantec, the world’s leading cybersecurity company. He brings 20 years of executive product and marketing management experience from networking and security companies. Peter partners closely with Splunk, and in his own words, talks about the partnership and about his role at Symantec.
What does Symantec do and what do you there?
A big part of what I do at Symantec is lead the Technology Integration Partner Program, or “TIPP” for short. Symantec launched TIPP in 2017 as an open ecosystem with an aim towards integrating Symantec data feeds with partners, linking together our defensive platforms, leveraging each other’s advanced detection suites, and automating workflows to enhance security and increase productivity for our end customers.
Splunk has been one of our longest and closest partnerships, and I’m thrilled with the integration work we’ve done together to help make our customers’ defenses stronger and to make life easier for the cyber warriors in SOCs around the world.
What do you like about partnering with Splunk?
I think at the core, partnering with Splunk is so gratifying because we have a shared vision and shared values. Both organizations are deeply committed to integrations that can significantly improve security outcomes while driving down the cost and complexity of cybersecurity operations. I love the joint focus on customer success.
That, and we work hard! We’ve built eight Splunk Apps that integrate Symantec's data from on-premise endpoints and servers—as well as cloud security data—to give better visibility to our customers. Additionally, we have eight Splunk Phantom apps fully integrated with several pre-built playbooks that can be utilized out-of-the box.
Can you tell us more about how customers benefit from Splunk and Symantec working together?
Consider a Security Analyst using Splunk. That analyst can now collect all Symantec security-related data in one central place, making it easier for them to search across all telemetry, and run reports in seconds instead of days or weeks. That’s huge.
Additionally, that same analyst can apply Threat Intelligence on any observables to detect malware across the Integrated Cyber Defense (ICD) platform, respond to any threat and apply a mitigation action across all Symantec control points in seconds.
An Incident Response engineer will now be able to monitor what’s happening in the global environment, share case data, indicators, forensics and events, and then quickly act on containment. That reduces dwell time from days to minutes.
In short, together we help customers leverage their Splunk investment via consolidated views across their security infrastructure, including incidents flowing from endpoint, web, network and email security solutions.
What are you looking forward to at GPS 2019?
I’m looking forward to learning what’s new at Splunk, and talking to so many talented people about how we can do more together. Our joint value proposition to customers is really compelling and we have a great deal of opportunity ahead of us.
What are your top priorities for the next year?
As an organization, Symantec’s top priority is to continue to lead the shift to a platform-based approach to cyber defense. Cybersecurity systems need to share data and context about what they know, what's been blocked and why, what they've detected as suspicious and so on. We have to help the SOC analysts get from problem to answer a lot faster and more efficiently.
Symantec is continually making new enhancements and innovations to our ICD platform that will make it possible for us to do even more with partners like Splunk, faster. Our new shared data exchange—called ICD Exchange, or ICDx for short—profoundly changes how we integrate, moving from a point to point architecture to integrating cross-platform.
So, this year I’m focused on how we leverage our latest set of capabilities with our ecosystem partners to better secure our customers and drive a more cost effective and efficient cyber defense posture.
If you could ‘Splunk’ your own life, what would you [want to] find out?
I would Splunk anything that helps me find a few more hours in my day.
How do you see your market evolving in the next five years?
This industry changes so fast, I’m not sure anyone has a crystal ball that can predict the future in any reliable detail. That said, I think we will be looking back on “cyber defense via point products” as a bygone era (and good riddance!). The future of cyber defense is integrated and platform-based. I can’t wait to see what Splunk and Symantec do together next.