Resellers should tap machine learning opportunities, urges security firm

Splunk also pushing for channel to embrace the machine learning market

Splunk is pushing for its VAR and MSP partners to embrace the machine learning market, with such channel partners seeing opportunity in the technology to offer more preventative cyber security measures.

During Splunk's .conf2017 in Washington, D.C. last week, Atif Ghauri, VP of customer success at security firm Herjavec Group, noted that Splunk's technology, including its User Behavior Analytics (UBA) offering, are a key part of Herjavec's business.

"The machine learning algorithms [Splunk uses] in UBA in addition to the machine learning algorithms that are in the core Splunk product are pivotal in our day-to-day operations with our customers," he said.

Today, machine learning is enabling Herjavec to elevate the quality of its escalations. For example, if the firm has to alert a customer about a problem in the middle of the night, customers would prefer to also be informed of a route of action and remediation, Ghauri explained.

He added that with machine learning, and in particular predictive intelligence, can enable computers to generate associated indicators of compromise, notable IP addresses or other related materials to allow for a better quality escalation.

"That means the analyst…can focus more on the manual processes to pull data when we escalate the alert. At the end of the day, from a customer success standpoint, the escalation has more enriched alerting because we're going beyond what can be automated through machine learning," he said.

Further, predictive intelligence allows the MSSP to identify abnormalities and get ahead of them and see if they are a threat or not.

"That's where we want to get to; that's valuable. That's customer success versus ‘thanks for telling me it happened. Now what?' The predictive intelligence is the buzz [phrase] there that would help drive value for our customers," Ghauri said.

"We have to be [ahead] of it - not just aware and able to respond to it. With most of the security breaches you see today… The damage is already done. The hackers already left. The data's already gone. And we as an industry have kind of accepted that that's okay. That's not okay.

"We need to block it, detect it and eliminate it so the data's never lost. It's time to block. It's time to be ahead."

But while the benefits machine learning can have in key areas like security can add appeal to Splunk's technology, it is ultimately the channel that will help Splunk drive more mainstream adoption, according to Ghauri, who said partners are the vendor's "force multiplier".

Resellers should tap machine learning opportunities, urges security firm

Splunk also pushing for channel to embrace the machine learning market

"The goals [Splunk CEO] Doug Merritt has to grow a multi-billion dollar company is not going to happen without the partners; they just can't scale fast enough," he said.

"Partners need to really dig in...to be able to not just sell the product, but also sell solutions. How does Splunk solve a particular problem? That's what we've had a lot of success with, and it's going to take hundreds more partners to [reach] the ambitious goals the company has from an expansion standpoint."

During .conf 2017, Splunk announced it has a total of 950 channel partners globally, including VARs, MSPs, SIs, distributors, OEMs and technology alliance partners, up from about 600 during the previous .conf.

Brooke Cunningham, AVP of global partner programs and operations at Splunk, confirmed to Channelnomics that channel partners are a key route to market for Splunk when it comes to machine learning.

But the machine learning market, while shiny and attractive, is not without its challenges.

Cunningham pointed a Splunk partner profitability study that found that while partners are typically focused in one area, the more profitable Splunk partners focus on a broader set of solutions and different use cases, such as security with IT ops.

In addition, they're doing much more around service provisioning and providing ongoing expansion services, rather than just implementation, the executive said.

"With that...what I see as the challenge ahead of us is we need more of our partners to get engaged with machine learning and start doing more with that, and ultimately we see that helping us drive some of the goals we established with the [Partner+] Program," Cunningham told Channelnomics. "I see a big challenge in just getting more partners getting their arms around it and getting engaged with it."

In order for this to happen, however, Cunningham said partners must focus their efforts on the customer.

"Part of understanding the power and capability of machine learning is partners having the opportunity to really understand those customer use cases and how they can provide value in solving a key challenge customers are having and how machine learning has the power to help them," she said, noting that Splunk sees success in presenting customer stories.

"These are examples of where there's a big opportunity, so spinning that challenge into an opportunity for partners... Some of these use cases are emerging quickly - think about smart cities and smart cars.

"We have all these opportunities ahead of us with massive amounts of data. Some of these are so new that we're all collectively learning as we take this data and understand how we can help support our customers with it."