Defining Security Automation & Orchestration – Community Driven

Last month, we started a series on the blog to explore Security Automation & Orchestration as a new technology.  We enabled comments on the series as we are hoping to see participation from the community. In that first post, we shared a list of key characteristics for Security Automation & Orchestration.  Being “Community Driven” was … Continue reading Defining Security Automation & Orchestration – Community Driven

Playbook Series: Anomalous Geo Location on a Mobile Device

Today’s post continues an ongoing series on Playbooks, which Phantom uses to automate and orchestrate your security operations plan. This Playbook automates the process for alerts like anomalous geolocation; when a mobile device reports its location on successive check-ins where it appears to be traveling at a speed faster than possible.  It could indicate a … Continue reading Playbook Series: Anomalous Geo Location on a Mobile Device

Series: Defining Security Automation & Orchestration – Vendor Agnostic

Last month, we started a series on the blog to explore Security Automation & Orchestration as a new technology.  Comments are enabled for the series as we are hoping to see participation from the community. In that first post, we shared a list of key characteristics for Security Automation & Orchestration.  Being “Vendor Agnostic” was … Continue reading Series: Defining Security Automation & Orchestration – Vendor Agnostic

Winners Announced: $10,000 Phantom App & Playbook Contest

Our strategy to provide the first open community for security automation and orchestration is really taking off.  It’s more than lip service for us.  We like to say, “we’re putting our money where our mouth is to help build the community.” The $10,000 Phantom App & Playbook Contest is a great example.  It gave community … Continue reading Winners Announced: $10,000 Phantom App & Playbook Contest

Playbook Series: Trigger a Playbook with Your iPhone

Today’s post continues an ongoing series on Playbooks, which Phantom uses to automate and orchestrate your security operations plan. Last week, we featured a Playbook that automates malware analysis triggered by an email alert from FireEye. It’s a common scenario, and one with a demonstrable ROI – many companies say the investigation process takes upwards … Continue reading Playbook Series: Trigger a Playbook with Your iPhone