Getting Started with Security Automation and Orchestration

Introduction By many accounts, Security Automation and Orchestration (SA&O) has been a hot topic among Information Security (InfoSec) professionals since 2016. With all that interest comes operations teams trying to figure out how to get started with the technology. It seems fitting as 2018 gets underway, then, that we offer up some advice for taking your first steps toward leveraging automation and orchestration in your practice.

A Day in the Life of a Phantom Security Solutions Architect

I recently sat down with Frank Scholl, a Phantom Security Solutions Architect. I wanted to find out more about what a Security Solutions Architect does on a day-to-day basis and how this role enables Phantom customers to be successful with their Security Automation and Orchestration (SA&O) efforts. Frank, describe your role here at Phantom. What … Continue reading A Day in the Life of a Phantom Security Solutions Architect

Selecting the Right Skills for Your SA&O Project (Part 1 of 2)

In my previous entry, I wrote about Selecting Tools for Orchestration. This multi-part article continues on the theme, focused on selecting the right skills for your project. Intro I’m going to admit something to you: I not very good at the Do-It-Yourself home project thing. I have always been more focused on the art of … Continue reading Selecting the Right Skills for Your SA&O Project (Part 1 of 2)

Using Custom Lists in Phantom Playbooks

Custom Lists are a powerful capability of the Phantom platform.  Customers typically use Custom Lists to maintain a dynamic list of items that persists on the platform. The function also commonly serves a caching mechanism to reduce overburdening a service. Custom Lists are available on-platform to playbooks and externally to third-party systems. In this blog entry, we will explore … Continue reading Using Custom Lists in Phantom Playbooks

Selecting Tools for Orchestration

“Playing in an orchestra is completely different to playing on my own. Sometimes I played, sometimes listened; instead of waiting my turn, I sometimes interrupted another player, sometimes I argued, sometimes agreed.” ― Kevin Crossley-Holland, Heartsong In my previous entry, I discussed Selecting Use Cases for Automation.  Next comes the exciting part of playbook design—technology … Continue reading Selecting Tools for Orchestration

What Are You Willing to Automate?

We started a new series on the blog recently, designed to offer experience-based best practices for approaching SOC Automation.  While most understand the value of automation broadly, developing practical use cases is the first step in realizing the benefits of this emerging technology. While the possibilities for automation are nearly endless, many start the journey with … Continue reading What Are You Willing to Automate?