Evaluating an SA&O Platform’s Security

One of the most important aspects to consider when evaluating a security automation and orchestration (SA&O) platform is the inherent security features it offers. An SA&O platform holds security infrastructure details, authentication credentials, operations and response plans, security event data, and other highly-sensitive information. It also serves as the operating system for your security infrastructure, … Continue reading Evaluating an SA&O Platform’s Security

Core SA&O Platform Capability: Metrics & Reporting

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. Two key benefits from your automation efforts should include increased productivity and increased quality. Metrics that demonstrate these increases are critical to measuring the overall effectiveness of a Security Automation and Orchestration (SA&O) platform. Metrics also … Continue reading Core SA&O Platform Capability: Metrics & Reporting

App Framework: Core SA&O Platform Capability

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. The App Framework of a Security Automation and Orchestration (SA&O) platform provides the interface for new App integrations. These integrations connect the platform to any of the thousands of point security products available today. Most SA&O … Continue reading App Framework: Core SA&O Platform Capability

Core SA&O Platform Capability: Playbook Management

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. Introduction Working from Standard Operating Procedures (SOPs) is an important way to mature your security operations. Building and maintaining the SOPs, however, requires a significant amount of up front investment and collaboration. Since Security Automation and … Continue reading Core SA&O Platform Capability: Playbook Management

The Automation Engine

This entry is part of a series that outlines key criteria to consider when evaluating Security Automation & Orchestration (SA&O) platforms. This entry focuses on the automation engine, one of eight core components of an SA&O platform. Like the orchestrator component we explored in the first entry of this series, the automation engine component is another critical area when evaluating an SA&O platform.

Top Three Criteria of an Orchestrator

This entry is the first in a series that outline key criteria to consider when evaluating Security Automation & Orchestration (SA&O) platforms. Here at Phantom, we define security orchestration as “the machine-based coordination of a series of interdependent security actions across a complex infrastructure.” Considering this definition, it’s easy to derive that one of the … Continue reading Top Three Criteria of an Orchestrator