Phishing emails are not a new type of threat to most security professionals, but dealing with the growing volume and potential impact of them require an innovative solution. Today’s entry to our Playbook Series focuses on automating your Incident Response (IR) workflow for this common threat. The Phantom security automation and orchestration platform includes a sample … Continue reading Playbook Series: Phishing: Automate and Orchestrate Your Investigation and Response
Saint Bernard of Clairvaux supposedly said it back in 1150. He certainly wasn’t thinking about security products when he said it, but the quote may nonetheless apply. Shelfware is a common ailment in the tech industry, and the security segment isn’t immune to the phenomenon. Many a product has been bought, only to gather dust … Continue reading The Road to Hell is Paved with Good Intentions
Today’s post continues an ongoing series on Phantom playbooks; which the platform uses to automate and orchestrate your security operations plan. This example examines one of the sample playbooks included with the Phantom 2.0 platform release. Ransomware is one the leading threats facing organizations today. With volumes of malicious inbound emails and already infected devices … Continue reading Playbook Series: Ransomware: Detect, Block, Contain, and Remediate
Palo Alto Networks and Phantom combine best-in-class protection with best-in-class security automation and orchestration, offering increased advanced threat visibility and protection that is fully synchronized across the security environment. Palo Alto Networks can be quickly integrated with the Phantom platform using Phantom Apps for AutoFocus threat intelligence, PA Series network firewalls, Panorama centralized management, and … Continue reading Automation with Palo Alto Networks and Phantom
Today’s post continues an ongoing series on Phantom playbooks; which the platform uses to automate and orchestrate your security operations plan. This example examines one of the sample playbooks included with the Phantom 2.0 platform release. The Phantom platform can automatically gather threat intelligence for you and enrich inbound security events. With the added context … Continue reading Playbook Series: Enrich Security Events with External Threat Intelligence
It's been less than 3 quarters since we launched the first version of Phantom, and I'm amazed at the progress we've made in such a short period of time. Today I am pleased to officially announce the General Availability of Phantom 2.0 with more than 500 improvements including the new Playbook Editor, Mission Control, Onboarding, … Continue reading Phantom Extends Lead in Security Automation and Orchestration Market with New Product, Partners, and Playbooks
The Phantom platform can receive community-based intelligence and automatically execute enrichment and threat hunting steps for every IOC and artifact within your environment.