Mission Control: Integrated Case Management

In this installment of the series, we will explore how Phantom Mission Control™ integrates case management tasks into a security operations team’s workflow. By merging case management tasks into Mission Control, analysts save time and better preserve data by eliminating the need to shuttle data between the Phantom Platform and an external ticketing or case management system.

Playbooks: Going Beyond Incident Response Use Cases

Before joining Phantom, I worked in several security operations roles at a large electric power company. During my time there, we built out our Security Operations Center (SOC) and added numerous security tools to identify, investigate, and respond to cyber threats. As we grew, I realized how difficult it was just to keep track of … Continue reading Playbooks: Going Beyond Incident Response Use Cases

Announcing the Phantom Community Contributor of the Month for September 2017

This month we would like to congratulate Martin Ohl  with McAfee  as the Phantom Community Contributor of the Month for September 2017.  In just a short period of time, Martin has made a number of contributions to the Phantom Community, including: McAfee OpenDXL App for Phantom https://my.phantom.us/3.0/apps/?search=McAfee%20OpenDXL McAfee Advanced Threat Defense (ATD) App for Phantom https://my.phantom.us/3.0/apps/?search=McAfee%20Advanced%20Threat%20Defense%20(ATD) Phishing … Continue reading Announcing the Phantom Community Contributor of the Month for September 2017

Mission Control: Mission Guidance Playbook and Action Recommendations

This article is a part of a series describing key features of the Phantom Security Automation and Orchestration platform. In this installment of the series, we will cover a new capability of the platform called Phantom Mission Guidance™. Mission Guidance uses reinforcement learning to make playbook and action recommendations to an analyst while processing a … Continue reading Mission Control: Mission Guidance Playbook and Action Recommendations

Freddy Dezeure Joins Phantom’s Board of Advisors

  Protecting our most important business assets from cyber threats is a growing challenge that we all face. We are more and more dependent on IT and connectedness for the delivery of our services, the operation of our infrastructure, and even our daily life. The growing complexity and scale of the underlying infrastructure exceed the … Continue reading Freddy Dezeure Joins Phantom’s Board of Advisors

Mission Control: Improving Efficiency with the Analyst Queue

This article is a part of a series describing key features of the Phantom Security Automation and Orchestration Platform and how they work to improve the analyst experience. In this specific installment of the series, we will talk about the Analyst Queue.     While the Analyst Queue view is not explicitly part of the … Continue reading Mission Control: Improving Efficiency with the Analyst Queue