Series: Defining Security Automation & Orchestration – Purpose Built

Last month we started a series on the blog to explore Security Automation & Orchestration as a new technology.  We enabled comments on the series as we are hoping to see participation from the community.

In that first post, we shared a list of key characteristics for Security Automation & Orchestration.  Being “Purpose-Built for Security” was one of the characteristics, and the focus for today’s post.

square peg round hole

Allow me to explain.  As security has become mainstream, many technology vendors have rushed to invest in the growth opportunity it affords.  One approach that speeds time to market for new solutions is to adapt applications that have been developed for tangential use cases into security products.

Though relatively new to security, automation and orchestration technologies are mature in other market segments.  Some vendors in related markets like IT Automation or Workflow Management have attempted to extend their automation technologies to address security.  Others have taken technologies even further removed from security, and worked to reposition them as a way to participate in this fast growing market (e.g. pivoting from telecom revenue management and billing solutions to security).

There are a number of benefits to choosing purpose-built software for Security Automation & Orchestration.  Typically, software that has been designed for a specific application from the start will require less customization to deploy, which can result in a faster time to value.  Showing a clear and quick Return on Investment is crucial when deploying new technologies like Security Automation & Orchestration.
Once deployed, purpose-built software is also often better suited to support specific use cases since it has been designed with those cases in mind from the start.  This helps to avoid the frustration that users may experience trying to force-fit a solution into their environment, or even avoiding certain uses cases because the application doesn’t easily support them.  When security is the focus for the development team, the automation and orchestration applications may even be more secure themselves.

We’ll continue to elaborate on each of the key characteristics and solicit input from the community.  For now, we’d like to hear your thoughts on the importance of being Purpose-Built for Security.

  • Do you agree that it is important?
  • Any other issues using technologies that are not designed with security in mind?
  • What other benefits would you associate with products that have been purpose built for a specific application like security?

CP Morey
VP, Products & Marketing

About Phantom:
Phantom automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit:

2 thoughts on “Series: Defining Security Automation & Orchestration – Purpose Built

  1. I think whether or not its purpose-built for security from the ground up is less important than some of the other items on the list. It has a place there, but perhaps not at the top. My reasoning for this is that there are breadth of ideas from business that can be reused in security, if not the platform than the concepts at least, for example the concepts of and implementation patterns for plain-language “Decision Making Support”.

    However, to your point of vendors in other fields who are rebranding tools rather than repurposing and building new tools for information security, I agree wholeheartedly. There will be nothing but heartache over broken promises if you attempt to adapt their tool rather than adopt their ideas into a security specific tool.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s