This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. The automation editor of a Security Automation and Orchestration (SA&O) platform is where an analyst or manager codifies their processes into automation playbooks. The predecessor to a visual automation editor is the basic source code editor. … Continue reading Automation Editor: Core SA&O Platform Capability
This month we would like to congratulate Richard Schmidt as the Phantom Community Contributor of the Month for April 2017. Richard is an individual contributor who has spent a significant amount of time providing in-depth product feedback and feature requests. His feedback spans the areas of Mission Control, Visual Playbook Editor, as well as the … Continue reading Announcing the Phantom Community Contributor of the Month for April 2017
One of the key benefits of a Security Automation and Orchestration (SA&O) platform is its ability to strengthen your defenses and in turn reduce your organization’s security risk exposure. With new sources of risk constantly being added to the surface of your environment, leveraging SA&O allows you to reduce that risk in a number of powerful ways. This reduction in risk can be attributed to several factors including: Capacity, Speed, and Consistency.
Two of the great new enhancements in the Phantom 2.1 release are the new Phantom Dashboard, complete with all new ROI metrics, and the Playbook Import / Export capability that allows you to easily move your playbooks on or off platform. The team recently created two new videos to help you learn more about these … Continue reading Visit our YouTube Channel to See Phantom 2.1 in Action
We all know that one of the key benefits to automation is increased efficiency—you get more done with fewer resources and in a shorter amount of time. Another way to increase your efficiency is by having native abilities to track, measure, calculate, and report the benefits of the automation tool. Often times with automation, we trust the work was done but it can be hard to verify or quantify the returns. ROI analysis, if performed at all, is done manually through log analysis and complex spreadsheets. We want to take the lead in quantifying returns and help you easily understand the time savings, dollar savings, and true resource expansion associated with security automation and orchestration. After all, automation is awesome, but there is an added level of satisfaction when you know, with certainty, the technical and business impact that the solution is providing.
Choosing an SA&O platform with integrated case management allows you to benefit from the underlying automation and orchestration capabilities native to the platform. From automated ticketing, to sending email or text notifications, to highly-complex automation responses, case management automation and orchestration allows you to be more productive—which is a primary goal of an SA&O platform.
This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. One of the most important functions of a Security Automation and Orchestration (SA&O) platform is to reduce the need to manually triage low priority and false positive alerts. Just after data ingestion, an alert management … Continue reading Core SA&O Platform Capability: Alert Management