Before joining Phantom, I worked in several security operations roles at a large electric power company. During my time there, we built out our Security Operations Center (SOC) and added numerous security tools to identify, investigate, and respond to cyber threats. As we grew, I realized how difficult it was just to keep track of … Continue reading Playbooks: Going Beyond Incident Response Use Cases
This month we would like to congratulate Martin Ohl with McAfee as the Phantom Community Contributor of the Month for September 2017. In just a short period of time, Martin has made a number of contributions to the Phantom Community, including: McAfee OpenDXL App for Phantom: https://my.phantom.us/3.0/apps/?search=McAfee%20OpenDXL; McAfee Advanced Threat Defense (ATD) App for Phantom: https://my.phantom.us/3.0/apps/?search=McAfee%20Advanced%20Threat%20Defense%20(ATD); Phishing … Continue reading Announcing the Phantom Community Contributor of the Month for September 2017
Protecting our most important business assets from cyber threats is a growing challenge that we all face. We are more and more dependent on IT and connectedness for the delivery of our services, the operation of our infrastructure, and even our daily life. The growing complexity and scale of the underlying infrastructure exceed the … Continue reading Freddy Dezeure Joins Phantom’s Board of Advisors
Last week’s Phantom SOC™ 2017 Conference was a huge success, and one of the most educational (and fun) events from the conference was the Phantom Hackathon Challenge. We are happy to announce and recognize the winning team, consisting of three members: Surath de Mel, Optiv; Alan Shaikh, BlackRock; Xiaobo Liu, Palo Alto Networks. The winning … Continue reading Hackathon Winners from Phantom SOC 2017
A common security operations task involves investigating newly discovered servers on an organization's network. Whether the server is detected by a scanning system or by a network detection system, the playbook below is triggered into action once a ticket is created to investigate it.
Team Phantom is excited to announce that version 3.0 of the Phantom Platform is now Generally Available (GA)! This release significantly improves an analyst's experience with the platform, while also helping to improve key Security Operations Center (SOC) metrics like Mean Time to Resolution (MTTR). With hundreds of enhancements and upgrades, you'll notice improvements that … Continue reading Announcing Phantom 3.0: Improved Efficiency and Collaboration, Fully-Integrated Case Management, Mission Guidance™, and More!
This blog entry continues an ongoing series of articles describing Phantom Playbooks, which the platform uses to automate and orchestrate your security operations plan. This example examines one of the playbooks included with the Phantom Platform. In May of 2017, Phantom's Co-Founder and CTO Sourabh Satish held two consecutive Tech Sessions covering capabilities of the Phantom … Continue reading Playbook: Using Filters, Decision-Making Logic, Custom Lists, User Prompts, and Scheduled Actions