New App for Phishing Investigations

I recently joined Phantom, and I am very excited to help grow the 1st community-powered Security Automation & Orchestration platform.

There are several ways that you can contribute to the community.  Creating and sharing Phantom Apps is a great way to get started (you can read more about Phantom Apps here).

My first Phantom App allows for integration with screenshotmachine.com.  This website provides a service that uses RESTful APIs to take a screenshot of a webpage and return an image.  The App requires you to have an account with screenshotmachine.com and then uses your account’s API key and secret phrase, if you have one configured, to generate a screenshot of a given URL.

screenshotmachine logo

So how does Phantom’s integration with this service fit into the security space?  One way is to help with phishing investigations.

Phishing emails can often include URLs that point to sites that look legitimate, but are in fact designed to deceive users into infecting a computer or releasing sensitive information.  The screenshotmachine.com App can be used to capture an image of these types of sites, which can then be shared with users for educational announcements or stored as a record of potential threats.

Phantom’s open and extensible platform allows you to interface with nearly any service, even those with actions as simple as taking a screenshot.

I’ll be publishing this App in the Phantom App Store soon.  You will be able to find it on the Phantom Portal when it’s available.

Are you planning to build a Phantom App?  Check out these resources for help:

  • Watch: There have been two Phantom Tech Sessions on App Development.  Sign in to the the portal (https://my.phantom.us/) and watch the videos from the Tech Sessions recorded on April 9th & May 7th.
  • Talk: Join our Slack channel: phantom-community.  In addition, Sourabh Satish (Phantom CTO) holds “Office Hours” to help with App development.  If you have questions, you can book a 30 minute 1-on-1 session with Sourabh for help.  He is available daily from noon – 12:30 PDT.  Book by sending an email to sourabh@phantom.us.
  • Read: Sign in to the portal (https://my.phantom.us/).  Click “Learn” on the menu, you’ll have access to full documentation on Apps, including the actions that each App can take.  We share tips on developing Apps as well.

Interested in seeing how Security Automation & Orchestration can help your organization?  Get the free Phantom Community Edition, and attend one of our Tech Sessions.

Michael Weinberger
Security Engineer
Phantom

About Phantom:
Phantom automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit: www.phantom.us.