Today’s post continues an ongoing series on Phantom playbooks, which the platform uses to automate and orchestrate your security operations plan. This example covers one of the sample playbooks included with the Phantom platform. Whether from an intrusion detection system or through log analysis, security devices can generate alerts when reconnaissance activity is detected. The Phantom … Continue reading Playbook: Investigate IP Address Performing Reconnaissance Activity
SafeBreach focuses on offensive security by deploying simulators to play the role of a hacker. A user can orchestrate simulated attacks against elements of their network or cloud infrastructure, applications, and endpoints. Following the simulated breach, the SafeBreach platform will make recommendations on remediation tactics to better secure the environment. Remediation is where the SafeBreach … Continue reading Playbook: Automating from the SafeBreach Hacker’s Playbook to Predict & Prevent Attacks
Today’s post continues an ongoing series on Phantom playbooks, which the platform uses to automate and orchestrate your security operations plan. SIEM platforms, like Splunk used in this example playbook, collect and aggregate log data from your security infrastructure. They can also alert you to a newly discovered server service that is publicly accessible on … Continue reading Playbook: Investigate and Block Newly Discovered and Publicly-Accessible Server Services on Your Local Network
I’ve been fortunate these last few years to meet with dozens, perhaps hundreds, of security teams of all shapes and sizes, with maturity ranging from a couple of smart but embattled analysts all the way up to massive cyber fusion centers with an intelligence capability that likely rivals that of most small nations. In my quest … Continue reading The Benefit of Code Without Actually Writing It?
“I am proud and excited to recognize Phantom as one of this year’s SINET 16 Innovators,” said Robert Rodriguez, Chairman and Founder of SINET. “Of our four programs each year, Silicon Valley, New York City, Washington DC and London, the Showcase is my favorite as it has a clear deliverable in our mission to advance … Continue reading Phantom Recognized as a SINET 16 Innovator for 2016
Today’s post continues an ongoing series on Playbooks, which Phantom uses to automate and orchestrate your security operations plan. SIEM platforms, like Splunk, collect and aggregate log data from your security infrastructure. When configured, these platforms can alert you to a suspicious outbound connection from your managed networks or endpoints. When an analyst receives a … Continue reading Playbook: Investigate Suspicious Outbound Connections
Innovation is deeply rooted in our industry - driven by the attackers who are constantly evolving their techniques and the security industry working against them. I’ve seen the innovation firsthand. At RSA, we built a business on our foundation in authentication and encryption to become a leader in several of the most important information … Continue reading Art Coviello Joins Phantom Board of Advisors