This transcript was extracted from YouTube's auto-generated caption track.

[0:00] Hello, everyone. My name is Matt, and I'm a product manager at Splunk. Today, I'm going to be walking you through one of our newest applications, the Splunk App for Fraud Analytics. For those of you who aren't familiar with Splunk, we're a software company that specializes in making machine data accessible, usable, and valuable to everyone. We do this by collecting machine data from pretty much any source, regardless of format, and then indexing it to make it searchable and accessible. What this allows our users to do is to troubleshoot applications, monitor their infrastructure, and conduct security and compliance on their various systems.

Now, the Splunk App for Fraud Analytics is one of our newest applications, and it's designed to help fraud investigators and analysts to detect and prevent fraud across multiple data sets. What this means is that we provide out-of-the-box dashboards, reports, and visualizations to help you understand your data, detect anomalies, and prioritize cases so that you can quickly find and stop fraud. So, let's go ahead and walk you through the application.

This is the main dashboard for the Splunk App for Fraud Analytics. What this provides you is a high-level overview of the most critical fraud metrics that you need to be aware of. Specifically, what we're looking at here is a quick overview of events by different fraud types. You can see that the fraudulent events in our data set are largely made up of account takeover and payment fraud. We've also got a quick overview of events by status. We can see that the vast majority are still open, and there's a relatively small number that have been closed. We've also got a breakdown of events by different payment instruments, and we can see that credit card is the dominant payment instrument here. Finally, on this dashboard, we've got a breakdown of events by country, and we can see that the majority of fraudulent events are occurring in the United States and Canada.

From this dashboard, what we can also do is we can drill down to the various dashboards that we've created for you. So, for instance, what we can do here is we can look at the account takeover dashboard. And from this, we can see a more in-depth overview of the different metrics and anomalies that are related to account takeover fraud. Specifically, we've got a quick overview of events by account takeover type. So, we've got login attempts, user profile changes, as well as password resets. We've also got a breakdown of the events by status, and similar to before, the vast majority are still open. We've got an overview of events by username. So, these are the usernames that are most frequently associated with account takeover fraud. And we've also got the account takeover event types by country, and similar to the overview, the United States and Canada are the dominant countries here. And then finally, we've got a simple dashboard that shows the login failures that occur over time. And we can also see the top 10 IP addresses with the most login failures.

Now, one of the most powerful features of Splunk is its ability to allow you to do a lot of ad hoc searching and reporting on your data. So, from any dashboard, what you can do is you can click on an event, and what this will do is it will take you to an ad hoc search within Splunk. And this particular search is looking at all of the events that are associated with a successful login that are occurring from unusual countries. Specifically, what we're looking at here is a list of all these different events, and we can also see a breakdown of the geolocation of where these events are occurring. We've also created a relatively simple report for you, and what this is doing is it's searching for any anomalies in the data for successful logins from unusual countries. And this will make it a lot easier for you to quickly find these events rather than trying to wade through a ton of different events in the Splunk interface. So, what we can see here is a list of all of the events that have been flagged as an anomaly, and we can specifically see the geolocation where these events are occurring. And it makes it very easy to quickly identify where a lot of these different fraudulent activities are occurring.

Now, the last thing that I'm going to walk you through is the fraud investigator dashboard. And what this dashboard does is it provides the fraud investigator with an in-depth overview of the various cases that they are working on. Specifically, what we're looking at here is a list of open cases by status, and you can see that the vast majority are in a new state. We've also got a breakdown of cases by different fraud types, and you can see that payment fraud and account takeover fraud are the two dominant fraud types here. We've also got a breakdown of open cases by priority, and we can see that a relatively small number are a high priority. And we've also got a simple breakdown of open cases by owner, and we can see the fraud investigators who are associated with the most cases. What we can also do is we can look at the average time to resolve cases, and what we can see is that over the past 30 days, the average time to resolve cases is steadily decreasing. Finally, we've got a breakdown of cases by status over time. And again, this shows how these cases are being resolved. And then finally, what we've got here is a simple dashboard that shows the average fraud amount by fraud type. So, you can see that these are the fraud types that have the most average fraud associated with them.

So, hopefully, this gives you a quick overview of the Splunk App for Fraud Analytics, and we look forward to seeing you at a future Splunk event.
