This is a guest blog post from Vince Stross, a Senior Security Engineer at ExtraHop, reflecting on the process of integrating ExtraHop Reveal(x) security analytics with Phantom's simple, powerful automation and orchestration capabilities. Successful automation and orchestration of security processes require having the right data at the right time and doing the right thing with … Continue reading Twenty Four Hours To Build An ExtraHop App For Phantom
DerbyCon is by far my favorite security conference each year. The quality of the talks, the amazing variety of challenges (a/k/a villages) to try your hand at, and the family-friendly community atmosphere all combine to form a very special event. Upon arrival at last year’s iteration of DerbyCon, I scanned the program for interesting talks that I wanted to attend live. Working for Phantom, and being a believer in the value of automation for security operations, I was immediately intrigued by a session title that claimed the author almost automated himself out of a job.
Rich Bowen recently joined Phantom as our Vice President of Engineering. We asked Rich to provide his thoughts on the industry and what led him to join the Phantom team. I’ve been a security guy for over 10 years now, first cutting my teeth at security vendor Fortify. Fortify is a static analysis tool used … Continue reading Why I’m Investing the Next Phase of my Career in Security Automation, Orchestration, and Response
Before joining Phantom, I worked in several security operations roles at a large electric power company. During my time there, we built out our Security Operations Center (SOC) and added numerous security tools to identify, investigate, and respond to cyber threats. As we grew, I realized how difficult it was just to keep track of … Continue reading Playbooks: Going Beyond Incident Response Use Cases
A few lucky attendees at RSAC took home one of our customer-commissioned Phantom LEGO SOC kits thanks to a casual comment by Sourabh, our CTO. He remarked how Phantom’s open and extensible architecture works like LEGO for the SOC since you can assemble our playbooks, apps, and actions to support just about any use … Continue reading More SOC Lessons from LEGO
I joined Phantom just before the holiday, and I’ll be working with our clients in the Southeastern US. The end-of-year season offers a rare luxury of time when joining a new company to reflect on the big picture as much as the details. I had one of those “big picture” moments over the … Continue reading Security Automation – A Free Puppy?