Evaluating an SA&O Platform’s Security

One of the most important aspects to consider when evaluating a security automation and orchestration (SA&O) platform is the inherent security features it offers. An SA&O platform holds security infrastructure details, authentication credentials, operations and response plans, security event data, and other highly-sensitive information. It also serves as the operating system for your security infrastructure, … Continue reading Evaluating an SA&O Platform’s Security

Playbook: Detect, Block, Contain, and Remediate Ransomware

Today’s post continues an ongoing series on Phantom playbooks; which the platform uses to automate and orchestrate your security operations plan. This example examines one of the playbooks included with the Phantom platform.  Ransomware is one the leading threats facing organizations today. With volumes of malicious inbound emails and already infected devices within your environment, … Continue reading Playbook: Detect, Block, Contain, and Remediate Ransomware

Announcing the Phantom Community Contributor of the Month for May 2017

This month we would like to congratulate Yoshizumi Sakai, from Tokyo Electron Device, as the Phantom Community Contributor of the Month for May 2017.  In the month of May, Yoshizumi wrote several Phantom Apps to support the joint customers and users of Tokyo Electron Device and Phantom.  Yoshizumi kindly contributed the apps he authored back … Continue reading Announcing the Phantom Community Contributor of the Month for May 2017

Tech Session: Hear From a Community App Developer

In Security Automation & Orchestration (SA&O), connectors to different technologies that already exist in customer environments are critical to the success of a SA&O platform deployment. When talking to customers and partners, I often find myself saying, “An orchestration platform is useless if it doesn’t orchestrate across all necessary technologies.” That is why connectors are … Continue reading Tech Session: Hear From a Community App Developer

Core SA&O Platform Capability: Metrics & Reporting

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. Two key benefits from your automation efforts should include increased productivity and increased quality. Metrics that demonstrate these increases are critical to measuring the overall effectiveness of a Security Automation and Orchestration (SA&O) platform. Metrics also … Continue reading Core SA&O Platform Capability: Metrics & Reporting

How Must SAO Solutions Evolve to Gain Widespread Adoption?

To coincide with an upcoming webinar, we recently presented guest Forrester Senior Analyst Joseph Blankenship with a series of questions about the current and predicted future state of Security Automation and Orchestration (SAO).  Below are his responses to our questions and the Forrester view on the market. How does SAO help security teams? Security teams … Continue reading How Must SAO Solutions Evolve to Gain Widespread Adoption?