This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. One of the most important functions of a Security Automation and Orchestration (SA&O) platform is to reduce the need to manually triage low priority and false positive alerts. Just after data ingestion, an alert management … Continue reading Core SA&O Platform Capability: Alert Management
The Phantom Community has been very active in 2017! We consistently grow in community members each day, with activity in our Phantom Community Slack channel growing in sync. We’ve also had lots of great App and Playbook contributions from our community members. To continue with our history of recognizing leading community contributors, like the HOF … Continue reading Announcing the First Phantom Community Contributor of the Month!
Phishing investigations is one of the most common use cases that we have observed security teams selecting to automate. We’ve written about it before, and covered it on a few Phantom Tech Sessions. Still, as I learned more about Rackspace’s use case, I thought it would be interesting to share it with the community. It’s … Continue reading Phishing in South Texas
Last month on March 23, 2107 the Johns Hopkins University Applied Physics Lab (JHU/APL) held their most recent Integrated Adaptive Cyber Defense (IACD) Project Community Day. The event hosted 136 unique organizations across a variety of industries. It featured an IACD Overview, an IACD Framework Brief, and an Implementation Findings Brief presented by the JHU/APL … Continue reading Integrated Adaptive Cyber Defense Project
Team Phantom is excited to announce the General Availability of our latest Phantom platform release, version 2.1! Here is a sample of what you'll find. Updated Dashboard Metrics and Executive Reporting The main dashboard of the Phantom platform has been re-imagined and now includes more automation and usage metrics. From the platform dashboard, you … Continue reading Announcing Phantom 2.1 General Availability
Automation has become so relevant to the mainstream; in our cars, our homes, and even our music. Allow me to digress a bit. The DAW (Digital Audio Workstation) is a mainstay in modern music production. In short, it’s HW or SW that musicians use to record, edit, and produce audio. If you’ve used tools like GarageBand, then you’ve experienced music production capabilities like that of a DAW.
I’ve been involved in information technology and the information security space for over twenty years and have seen an industry that’s been constantly trying to solve common IT security threats with a plethora of software and hardware tools. In the early days, antivirus appeared to be the right solution to the problem. As the sophistication of attacks … Continue reading My Journey to Security Automation & Orchestration