Copyright  ©  2015  Splunk  Inc.  

Klarna  Security  Opera<ons  

‹#›  

Agenda  !   Klarna  intro  !   Short  info  about  me  !   Splunk  at  Klarna  !   Splunk  at  Security  Opera<ons  

‹#›  

Klarna  Group  

•  Founded in 2005 in Stockholm, with focus on simplifying buying  •  World market leader in after-delivery payments  •  Our goal is to become the world’s favourite way to buy  •  Present in 18 countries  •  Supported by investments from Sequoia Capital, Atomico, DST and

General Atlantic  •  50,000 online merchants across Europe, including  

ASOS, Spotify and Zara  •  35 million consumers  •  250,000 transactions per day  

‹#›  

Sequoia Capital: The world’s leading tech investor

1995 Yahoo David Filo, Jerry Yang

1983 Oracle Larry Ellison

1978 Apple Steve Jobs

1999 Google Larry Page, Sergey Brin

2000 Rackspace Lanham Napier, Graham Weston

2003 LinkedIn Jeff Weiner, Reid Hoffman

2005 YouTube Stephen Chen Chad Hurley

2007 DropBox Arash Ferdowski, Drew Houston

2011 WhatsApp Jan Koum, Brian Acton

2012 Instagram Mike Kreiger, Kevin Systrom

‹#›  

Standard  Slide  2  nd  something  something  malwares…  

18 Markets

‹#›  

Standard  Slide  2  nd  something  something  malwares…  

1,200 Employees

‹#›  

250,000 Purchases on an average day

‹#›  

35 million Users

‹#›  

So why do people drop out?

1. Hidden charges: 71% 2. Security: 58% 3. Technical problems: 44% 4. Takes too long: 37% 5. Lack of contact details: 33% 6. Security features (e.g. “Verified by Visa”): 23%

Source: Econsultancy, Why do consumers abandon online purchases? (2011)

1 2 3 4 5 6

Why people drop out of/cancel purchases:

This is how you shop with Klarna Checkout

‹#›  

This is how you shop with Klarna Checkout

1. You use only top of mind information

2. Purchases are made with one click

3. You can change payment method

Henrik  Skantz  Team  Lead  -­‐  Security  Opera<ons    

‹#›  

How  We  Got  Started  !   First  engineering  use  case  for  Splunk  

–  Engineering  ê  Distributed  payment  system  

–  Security  Opera<ons    ê  Correla<on  of  events  

‹#›  

History  –  2013  ê  100GB  ê  40  users  ê  30  Deployment  clients  

–  2015  ê  ?Gb  ê  700  users  ê  1300  Deployment  clients  

0  

5  

10  

15  

20  

25  

Usage  

Usage  

‹#›  

Splunk  Enterprise  at  Klarna  

Search  

‹#›  

Users  

•  IT  Opera<ons  –  Live  Opera<ons  –  Monitoring    –  Core  services  –  Network  Opera<ons  –  Security  Opera<ons  

•  Dev  teams  

•  Technical  sales  •  Merchant  support  

•  Business  intelligence  •  Opera<on  analy<cs    More  than  50%  of  all  employees  have  

access  to  Splunk.  

‹#›  

Opera<onal  intelligence  

!   Monitoring  of  cri<cal  systems  !   Incident  management  !   Opera<onal  analy<cs  

‹#›  

Inputs  Opera*onal  Intelligence  

HA  Indexes  and  Storage  

Search  and  Inves*ga*on  

Proac*ve  Monitoring  

Opera*onal  Visibility  

Real-­‐*me  Business  Insights  

Commodity  Servers  

Online  Services   Web  

Services  

Servers  Security  

Storage  Desktops  

Networks  

Packaged  Applica<ons  

Custom  Applica<ons  

Databases  

Smartphones  and  Devices  

‹#›  

Security  Opera<ons  Example  of  correla<on  sources  

!   Authen<ca<on  events  !   Address  alloca<on  !   Malware  events  !   Firewall/Net  flow  !   Vulnerability  management  

Applying  CIM  to  these  kind  of  sources  and  correla<on  gives  us  knowledge  such  as  who/when/where  about  usage  of  our  assets.  

‹#›  

What’s  Next  

!   Enterprise  Security    !   Architectural  changes      !   Staffing  up  

‹#›  

Top  Takeaways  Know  the  product  

•  Enable  the  developers  •  Educate  users  •  Keep  it  simple  •  CIM  •  Context  

Thank  You