A case could be made that the current chaotic enterprise computing landscape offers firms such as Splunk Inc. a prime market opportunity. With so much surface area to protect, including multiple servers, endpoints and connected “internet of things” devices, managing the complex environment with logs in different formats is no easy task.

Security in today’s enterprise requires an ability to investigate, see data and evaluate threats. It’s a reasonable fit for Splunk’s software to search, monitor and analyze big data.

“The uniqueness of Splunk is the investigative lake; it’s the fabric of what we do,” said Doug Merritt (pictured), chief executive officer of Splunk. “I’m trying to get data in so everybody has the capacity to investigate.”

Merritt spoke with Jeff Frick, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the role of automated solutions in enterprise security and Splunk’s partnership with Forescout Technologies Inc. (* Disclosure below.)

Phantom’s automated solution

A key element of Splunk’s security approach involves Phantom, technology acquired by the company last April. Splunk Phantom provides security automation and response capabilities in an integrated process solution.

“Traversing, investigating, monitoring, analyzing and automating up and down continuously we think is the key to getting the best value from this really diverse and chaotic landscape,” Merritt said. “Having Phantom as part of the fold helps a lot.”

Splunk and Forescout have partnered to optimize security operations centers with device visibility and control. A Forescout extension integrates with Splunk Enterprise Security, and Splunk can visualize Forescout data for trend analysis, monitoring and reporting.

The combined solution between the two companies is designed to offer insight and incidence response across a wide range of managed and unmanaged devices.

“We’re trying to be the interpretation and brain layer for that,” Merritt said. “When I’ve got a billion potential events per day, how do I deal with that?”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference. (* Disclosure: Forescout Technologies Inc. sponsored theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE