Automation Editor: Core SA&O Platform Capability

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. The automation editor of a Security Automation and Orchestration (SA&O) platform is where an analyst or manager codifies their processes into automation playbooks. The predecessor to a visual automation editor is the basic source code editor. … Continue reading Automation Editor: Core SA&O Platform Capability

Announcing the Phantom Community Contributor of the Month for April 2017

This month we would like to congratulate Richard Schmidt  as the Phantom Community Contributor of the Month for April 2017. Richard is an individual contributor who has spent a significant amount of time providing in-depth product feedback and feature requests. His feedback spans the areas of Mission Control, Visual Playbook Editor, as well as the … Continue reading Announcing the Phantom Community Contributor of the Month for April 2017

Reduce Your Risk Exposure With SA&O

One of the key benefits of a Security Automation and Orchestration (SA&O) platform is its ability to strengthen your defenses and in turn reduce your organization’s security risk exposure. With new sources of risk constantly being added to the surface of your environment, leveraging SA&O allows you to reduce that risk in a number of powerful ways. This reduction in risk can be attributed to several factors including: Capacity, Speed, and Consistency.

Automate Your Response to WannaCry Ransomware

We’ve highlighted the Phantom Community Ransomware Playbook before on the Phantom Blog. It is a general purpose ransomware playbook that is adaptable to many different types of ransomware. Given the widespread impact of the WannaCry threat, however, we wanted to dedicate a blog entry to this particular threat and provide you with customized playbooks and … Continue reading Automate Your Response to WannaCry Ransomware

Core SA&O Platform Capability: Playbook Management

This article is a part of a series describing the essential criteria of a Security Automation and Orchestration platform. Introduction Working from Standard Operating Procedures (SOPs) is an important way to mature your security operations. Building and maintaining the SOPs, however, requires a significant amount of up front investment and collaboration. Since Security Automation and … Continue reading Core SA&O Platform Capability: Playbook Management

What’s Your Automation ROI?

We all know that one of the key benefits to automation is increased efficiency—you get more done with fewer resources and in a shorter amount of time. Another way to increase your efficiency is by having native abilities to track, measure, calculate, and report the benefits of the automation tool. Often times with automation, we trust the work was done but it can be hard to verify or quantify the returns. ROI analysis, if performed at all, is done manually through log analysis and complex spreadsheets. We want to take the lead in quantifying returns and help you easily understand the time savings, dollar savings, and true resource expansion associated with security automation and orchestration. After all, automation is awesome, but there is an added level of satisfaction when you know, with certainty, the technical and business impact that the solution is providing.