At the Center of a Phantom App Explosion

Earlier this month, we announced the Phantom App Explosion.  It’s time to share another big announcement.  Have you seen the totally new Phantom Portal?

You could say that the new Phantom Portal is at the center of the App Explosion.  We’ve launched major changes to the UI as well as other great new features.

I’ll share highlights in today’s post, but you should also tune in for our 1st ever Phantom in Focus (register) with our CEO, Oliver Friedrichs.  On Friday, Oliver will share more on the new Phantom Portal, momentum in the community, and a sneak peak at Phantom 2.0.

Now on to the highlights.

New Phantom Community Portal

Besides the new look, we’ve also included a number of great new features. The most noteworthy is the organization of Phantom Apps and Playbooks that drastically improves the browsing experience.

For example, check out the new Playbook listing page.  It includes a short summary of the Playbook objective, the number of actions executed, and a logo list of all the technologies supported by the Playbook.

alert triage logo list screen cap

When viewing the details of a Playbook, you’ll also see a new workflow-based illustration of the Playbook.  (Spoiler alert: This is a snapshot of the new editor that will be featured in Phantom 2.0.)

alert triage workflow screen cap

For those familiar with the last version of the portal, the information shared for each Playbook was limited to just a few words on functionality with nothing on how the Playbook executed or which Apps were required to run it.  The new portal simplifies navigation by including the execution order and required Apps front & center in the Playbook descriptions.

Another major change comes with the organization and presentation of Apps in the portal.  For instance, now you can easily view supported actions and associated Playbooks via dropdown lists.  With this layout you can quickly determine if an App works with a Playbook before downloading and installing the App.

supported actions and associated Playbooks screen cap

You may notice the word “Certified” next to many of the Apps.  This indicates that the App has been tested and certified by Phantom.  Apps that are not “Certified” are still ok to use.  It just means the App has not yet been tested and certified, so compatibility with different platform versions of Phantom is unknown.

We encourage the community to use all Apps and share feedback on the community Slack channel.

Other changes to check out:

  • Improved search engine
  • Featured Playbooks on the home page of the portal
  • 3-column view of Blogs, Knowledge Base Articles, and Video Tutorials
  • Organization of Playbooks by category (e.g. Use Case Samples, App Samples)
  • Ability to sort by Phantom version so only Playbooks and Apps supported by that version are presented

Last but certainly not least, you will find several new Phantom Apps and a few enhancements to old favorites – many of these were developed by the Phantom Community!

  • Screenshot Machine
  • DNS
  • F5 Big-IP
  • Cisco Meraki
  • Shodan
  • Duo
  • BlueCoat
  • Floodlight SDN Controller
  • NMAP
  • PassiveTotal
  • Carbon Black

It’s great to see this collaboration in the community.  Building and contributing Phantom Apps is one of the best ways to learn about automation and orchestration.  Thanks to all who participate regularly in our competitions and on the Slack channel – please keep it up!

Rob Truesdell
Director, Product Management

About Phantom:
Phantom, which was recognized as the most innovative company at the 2016 RSA Conference, automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit:

2 thoughts on “At the Center of a Phantom App Explosion

Comments are closed.