Splunk's CEO doth protest too much
"A canned statement emitted from Oracle's long-suffering flacks..."
We're not really suffering, we flacks think Larry keeps things interesting, and there is no such thing as bad publicity.
Seriously, who can argue that there is absolutely no way that Splunk can detect all relevant signals and remediate entire systems using that information? Larry's point is that Oracle deeply understands the application, hardware, and OS because we built it all. It's exactly how we make the system run autonomously.
Splunk is part of the current security problem. It and many other vendors who sell point security solutions that customers are then supposed to integrate seamlessly have over promised and under delivered for years: custom, snowflake IT layer cakes of independent network, storage, and servers layered with a patchwork quilt of non-integrated security monitoring software are essentially defenseless against determined hackers, as Equifax and Deloitte have shown.
Your only hope: find big allies (like Oracle, AWS, Google or Microsoft) to whom you can offload your infrastructure, APIs and apps and re-focus on defending a smaller surface area and territory. Focus your efforts on intensive testing and hardening of all your systems, leveraging red teams and really aggressive attack training.
I tell you how to do it in this pretty awesome blog post:
https://www.linkedin.com/pulse/why-companies-defenseless-against-cyberattacks-what-o-keefe-ph-d-/
Biting the hand that feeds IT
