Today’s post continues an ongoing series on Playbooks; which Phantom uses to automate and orchestrate your security operations plan. Flashpoint gives their threat intelligence subscribers the ability to see compromised user names, passwords, email addresses, and other credentials. This information can be ingested daily and distributed over email. When an analyst receives an email from … Continue reading Playbook: Automatically Secure Compromised Accounts
A great use case submitted by one of our top contributors in the community! Joel King of WWT, built an automation that monitors for data exfiltration using Phantom, Ansible, and Cisco. Joel submitted this as an entry in Round 2 of the Phantom App & Playbook Challenge. An overview of the App, and links to … Continue reading Data Exfiltration Monitoring with Phantom, Ansible, and Cisco ACI
Earlier this week, we covered Safe Mode on the blog. It’s a great new feature in Phantom 2.0, and a relevant topic for those who are just getting started with automation and orchestration. Today, we’ll touch on a more advanced topic; one suitable for those who are already on the automation and orchestration journey. Though … Continue reading Where Are You on the Automation Continuum?
You may have noticed the Safe Mode switch in Phantom. It’s new in 2.0 and a great way to experiment with automation & orchestration; like learning to ride a bike with training wheels. It's a great way to find your balance without hurting yourself. If you already use Phantom, then you know that Apps & … Continue reading Safe Mode – Like Training Wheels for Automation
Thanks to the community and Team Phantom, you’ve seen a tremendous increase in new Phantom Apps this summer with highlights covered here, here, here, & here! It’s only August, so the Phantom Summer App Explosion is still well underway. Sign in to the Phantom Portal to see the latest versions of all Apps and watch … Continue reading The Phantom Apps Keep Coming
The team really enjoyed the chance to work with all students in the Coding for Security Pros course at Black Hat this week. When we were asked to help with the class and sponsor the hack-a-thon, it seemed like a great way to show our support for the open community approach to Security Automation & … Continue reading Winner Announced: Coding for Security Pros Hack-a-thon