Twenty Four Hours To Build An ExtraHop App For Phantom

This is a guest blog post from Vince Stross, a Senior Security Engineer at ExtraHop, reflecting on the process of integrating ExtraHop Reveal(x) security analytics with Phantom's simple, powerful automation and orchestration capabilities. Successful automation and orchestration of security processes require having the right data at the right time and doing the right thing with … Continue reading Twenty Four Hours To Build An ExtraHop App For Phantom

Phantom, Empire, and the DeathStar

DerbyCon is by far my favorite security conference each year. The quality of the talks, the amazing variety of challenges (a/k/a villages) to try your hand at, and the family-friendly community atmosphere all combine to form a very special event. Upon arrival at last year’s iteration of DerbyCon, I scanned the program for interesting talks that I wanted to attend live. Working for Phantom, and being a believer in the value of automation for security operations, I was immediately intrigued by a session title that claimed the author almost automated himself out of a job.

Why I’m Investing the Next Phase of my Career in Security Automation, Orchestration, and Response

Rich Bowen recently joined Phantom as our Vice President of Engineering. We asked Rich to provide his thoughts on the industry and what led him to join the Phantom team. I’ve been a security guy for over 10 years now, first cutting my teeth at security vendor Fortify. Fortify is a static analysis tool used … Continue reading Why I’m Investing the Next Phase of my Career in Security Automation, Orchestration, and Response

Playbooks: Going Beyond Incident Response Use Cases

Before joining Phantom, I worked in several security operations roles at a large electric power company. During my time there, we built out our Security Operations Center (SOC) and added numerous security tools to identify, investigate, and respond to cyber threats. As we grew, I realized how difficult it was just to keep track of … Continue reading Playbooks: Going Beyond Incident Response Use Cases