Playbook Series: Phishing: Automate and Orchestrate Your Investigation and Response

Phishing emails are not a new type of threat to most security professionals, but dealing with the growing volume and potential impact of them require an innovative solution. Today’s entry to our Playbook Series focuses on automating your Incident Response (IR) workflow for this common threat. The Phantom security automation and orchestration platform includes a sample … Continue reading Playbook Series: Phishing: Automate and Orchestrate Your Investigation and Response

$90 Billion on Cyber Security and it’s not Enough?

It’s the security circle of life. New threats breed new security technologies and services. Security budgets continue to outpace the prior year’s. Gartner research estimates security spending will exceed $90 Billion in 2017. Expenditures have never been greater, and the rate of growth isn’t slowing down. Despite devoting more of our resources – both technology … Continue reading $90 Billion on Cyber Security and it’s not Enough?

Playbook: Escalate Whaling and Other Attacks Targeting Executives

Whaling is a specific kind of spear phishing attack that’s targeted at your organization’s high-profile business executives, top leaders, and other roles that have access to highly-sensitive information. The goal of this type of attack is to deceive a high-value target into divulging confidential company information. The attacker will usually attempt to obtain passwords, which they can then use to gain access to more information.

Automate Your Response to WannaCry Ransomware

We’ve highlighted the Phantom Community Ransomware Playbook before on the Phantom Blog. It is a general purpose ransomware playbook that is adaptable to many different types of ransomware. Given the widespread impact of the WannaCry threat, however, we wanted to dedicate a blog entry to this particular threat and provide you with customized playbooks and … Continue reading Automate Your Response to WannaCry Ransomware

Selecting the Right Skills for Your SA&O Project (Part 1 of 2)

In my previous entry, I wrote about Selecting Tools for Orchestration. This multi-part article continues on the theme, focused on selecting the right skills for your project. Intro I’m going to admit something to you: I not very good at the Do-It-Yourself home project thing. I have always been more focused on the art of … Continue reading Selecting the Right Skills for Your SA&O Project (Part 1 of 2)

My Journey to Security Automation & Orchestration

I’ve been involved in information technology and the information security space for over twenty years and have seen an industry that’s been constantly trying to solve common IT security threats with a plethora of software and hardware tools. In the early days, antivirus appeared to be the right solution to the problem. As the sophistication of attacks … Continue reading My Journey to Security Automation & Orchestration