Announcing Phantom 3.0: Improved Efficiency and Collaboration, Fully-Integrated Case Management, Mission Guidance™, and More!

Team Phantom is excited to announce that version 3.0 of the Phantom Platform is now Generally Available (GA)!   This release significantly improves an analyst's experience with the platform, while also helping to improve key Security Operations Center (SOC) metrics like Mean Time to Resolution (MTTR). With hundreds of enhancements and upgrades, you'll notice improvements that … Continue reading Announcing Phantom 3.0: Improved Efficiency and Collaboration, Fully-Integrated Case Management, Mission Guidance™, and More!

Playbook: Using Filters, Decision-Making Logic, Custom Lists, User Prompts, and Scheduled Actions

This blog entry continues an ongoing series of articles describing Phantom Playbooks; which the platform uses to automate and orchestrate your security operations plan. This example examines one of the playbooks included with the Phantom Platform. In May of 2017, Phantom's Co-Founder and CTO Sourabh Satish held two consecutive Tech Sessions covering capabilities of the Phantom … Continue reading Playbook: Using Filters, Decision-Making Logic, Custom Lists, User Prompts, and Scheduled Actions

Playbook: Risk-Based Domain Blocking

New domains are created everyday as part of the normal operation of the Internet Domain Name Service (DNS). Unfortunately, bad actors commonly use newly created domains for criminal activities like spam, malware distribution, or botnet command and control (C&C). They commonly use the new domains within the first few minutes of creating them—making it difficult to build effective domain-based blocking policies.

Playbook: Automated Lost or Stolen Device Response

A lost or stolen device not only presents an inconvenience for the owner, but also commonly triggers a data security incident if the device contains company-owned information. Responding to reports of lost or stolen devices promptly and efficiently helps protect your sensitive information and other assets. Moreover, depending on your industry and geography, a rapid and consistent response process ensures that you remain in compliance with state and federal law.