Splunk Inc. first joined the Amazon Web Services Inc. Partner Network in 2012, and the two companies have been pursuing opportunities to collaborate ever since. This collaboration has included ways that security products and services offered by both firms can be effectively integrated into enterprise customer environments.

In addition to joint projects involving the use of Splunk Cloud powered by AWS, a number of Splunk’s core products, such as the Phantom security orchestration platform, are also available to customers through the AWS Marketplace.

“We advocate a lot for customers to be able to automate what they’re doing when it comes to their security findings,” said Scott Ward (pictured), principal solutions architect, emerging partners at AWS. “Phantom can run playbooks that will do as much or as little on that security finding data. It is allowing customers to resolve and remediate and address an issue in a workflow that works for them.”

Ward spoke with John Furrier (@furrier), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf19 event in Las Vegas. They discussed how Splunk and AWS work closely together to provide partner-driven security and leverage the strengths of cloud-driven solutions (see the full interview with transcript here). (* Disclosure below.)

Integration with Security Hub

Another example of how the two companies collaborate can be found in the launch of AWS Security Hub last year. When AWS announced its new product to provide a comprehensive view for managing security alerts and automating compliance checks, Splunk also released details around the integration of its Enterprise and Phantom platforms to offer further detection, investigation and response to threats.

“As a buyer, I think you can use both, and there’s room for you to take advantage and get the best of both worlds,” Ward said. “I would look at Security Hub as a central integration spot to get stuff into Splunk. Splunk is there to answer questions; it’s there to take data in and allow you to move forward.”

The Splunk App for AWS provides users with dashboards and reports to analyze data from a wide range of AWS services, including Amazon S3, CloudFront, and VPC Flow Logs. It’s the kind of partner-offered service that can be a key differentiator for both companies, according to Ward.

“The key thing that the cloud offers is the ability to automate and integrate your security teams more tightly with the things you are doing,” Ward explained. “You can actually enforce standards now. Security can keep up with you and differentiate your business even more than in the past.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Splunk .conf19 event. (* Disclosure: TheCUBE is a paid media partner for Splunk .conf19. Neither Splunk Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE