Playbook: Detect, Block, Contain, and Remediate Ransomware

Today’s post continues an ongoing series on Phantom playbooks; which the platform uses to automate and orchestrate your security operations plan. This example examines one of the playbooks included with the Phantom platform.  Ransomware is one the leading threats facing organizations today. With volumes of malicious inbound emails and already infected devices within your environment, … Continue reading Playbook: Detect, Block, Contain, and Remediate Ransomware

Playbook Series: Secure Compromised Accounts

If you are one of the many security analysts that receives threat intelligence about compromised user accounts, you understand the significant amount of time it takes to investigate and respond to each report. In many practices the manual process might include: Parsing the inbound threat intelligence for Indicators of Compromise (IoCs) like username and password … Continue reading Playbook Series: Secure Compromised Accounts

Playbook Series: Rootkits: Automatically Remediate Virtual Machines

Most security professionals will agree; the most reliable way to remediate Rootkit infections on Virtual Machines (VMs) is to re-image or revert the virtual machine to a pre-infected state. Today’s entry to our playbook series examines a Phantom playbook, included with our version 2.0 release of the platform, that automates this scenario. A visual representation … Continue reading Playbook Series: Rootkits: Automatically Remediate Virtual Machines

Playbook Series: Phishing: Automate and Orchestrate Your Investigation and Response

Phishing emails are not a new type of threat to most security professionals, but dealing with the growing volume and potential impact of them require an innovative solution. Today’s entry to our Playbook Series focuses on automating your Incident Response (IR) workflow for this common threat. The Phantom security automation and orchestration platform includes a sample … Continue reading Playbook Series: Phishing: Automate and Orchestrate Your Investigation and Response