I recently joined Phantom, and I am very excited to help grow the 1st community-powered Security Automation & Orchestration platform. There are several ways that you can contribute to the community. Creating and sharing Phantom Apps is a great way to get started (you can read more about Phantom Apps here). My first Phantom App … Continue reading New App for Phishing Investigations
TechCrunch shared a blog post last week (Why Incident Response Plans Fail) describing how even the best IR plans become entangled while teams cycle through confusing “storming sessions” arguing over who owns what. Meanwhile, response time worsens and the IT environment suffers further damage. Automation of IR plans is a common use case. While some … Continue reading IR Fire Drills and Automation
We’re in the final two weeks of the Phantom Playbook & App Contest, so the early entries are coming in for review. The contest has been a great way to invest in the community. It’s also been fun to watch people collaborate and develop their ideas into Phantom Playbooks and Apps. Today, we’re sharing a … Continue reading Phantom + Shodan for Internet Connected Devices
Phantom enables collaboration in the security community through the use of open source Apps and Playbooks. Phantom Apps are connectors capable of connecting to the management APIs of security applications, products and services to orchestrate the environment from within the Phantom platform. Phantom Apps are Python modules, allowing anyone to expand the platform and contribute … Continue reading Floodlight App: Community Powered
We’re starting a series on the blog to explore Security Automation & Orchestration as a new technology. Comments will be enabled on this series as we’re hoping to see participation from the community. When considering the series, we were reminded of the story about the blind men and the elephant. In this fable, each man … Continue reading Series: Defining Security Automation & Orchestration
Phantom is the first company to provide an open community for security automation and orchestration, and this is something we take very seriously. It’s one thing to talk about it, and it’s another to invest in it. When we announced the 2016 Phantom Playbook & App Contest in January, we saw it as a way … Continue reading Community Double Play!
When George Santayana made this statement, he probably wasn’t thinking about Security Automation & Orchestration platforms, yet it applies. Recent research by CERT reminded me of Santayana’s quote. The project studied how schemas ensure a repeatable, auditable process, and serve us in many other ways. In their podcast, the CERT researchers describe how schemas can … Continue reading “Those who cannot remember the past are condemned to repeat it.”