While Security Automation & Orchestration platforms are certainly equipped to handle complex use cases, it’s not the only way to automate. Simple tasks often thought of as daily annoyances are also perfect for automation; “utility playbooks” as one user coined them. These small playbooks pack a powerful punch.
Before joining Phantom, I worked in several security operations roles at a large electric power company. During my time there, we built out our Security Operations Center (SOC) and added numerous security tools to identify, investigate, and respond to cyber threats. As we grew, I realized how difficult it was just to keep track of … Continue reading Playbooks: Going Beyond Incident Response Use Cases
This month we would like to congratulate Martin Ohl with McAfee as the Phantom Community Contributor of the Month for September 2017. In just a short period of time, Martin has made a number of contributions to the Phantom Community, including: McAfee OpenDXL App for Phantom https://my.phantom.us/3.0/apps/?search=McAfee%20OpenDXL McAfee Advanced Threat Defense (ATD) App for Phantom https://my.phantom.us/3.0/apps/?search=McAfee%20Advanced%20Threat%20Defense%20(ATD) Phishing … Continue reading Announcing the Phantom Community Contributor of the Month for September 2017
Protecting our most important business assets from cyber threats is a growing challenge that we all face. We are more and more dependent on IT and connectedness for the delivery of our services, the operation of our infrastructure, and even our daily life. The growing complexity and scale of the underlying infrastructure exceed the … Continue reading Freddy Dezeure Joins Phantom’s Board of Advisors
Though we’re easily enamored with new technologies like artificial intelligence and machine learning, do they actually help us solve real problems in the SOC like reducing Mean Time to Resolution (MTTR)? Read a security-related press release or been to an event recently? You’ve no doubt been wondering how you managed to do your job all … Continue reading AI, ML – is it all just BS?
Team Phantom is excited to announce that version 3.0 of the Phantom Platform is now Generally Available (GA)! This release significantly improves an analyst's experience with the platform, while also helping to improve key Security Operations Center (SOC) metrics like Mean Time to Resolution (MTTR). With hundreds of enhancements and upgrades, you'll notice improvements that … Continue reading Announcing Phantom 3.0: Improved Efficiency and Collaboration, Fully-Integrated Case Management, Mission Guidance™, and More!
This month we would like to congratulate Drew Snellgrove with GE as the Phantom Community Contributor of the Month for July 2017. Drew contributed significant amounts of valuable feedback during a recent beta program. His inputs have helped the Phantom team build a quality platform that every community member will benefit from.