PRESS RELEASE

Palo Alto, CA. – October 11, 2016 – Phantom, the first company to provide an open, extensible, and community-powered security automation and orchestration platform, has extended its lead since entering the market and being named RSA Conference 2016’s Most Innovative Startup earlier this year.  Product innovation, plus growth with partners and playbooks shows the strength of a community-powered approach.

“Security automation and orchestration has become a top priority for organizations,” said Oliver Friedrichs, Founder & CEO of Phantom.  “This has driven strong interest in our platform, our partner ecosystem, and the playbooks our community has developed. The innovation and growth proves that reducing time spent on tedious and repetitive tasks through automation is becoming a must-have means of increasing the capacity of security teams and driving consistency for more accurate results.”

Product

Phantom 2.0 became generally available in late September.  Fueled by feedback from customers and the community, this release delivered more than 500 enhancements including:

·         Playbook Editor 2.0 for Tier 3 Analysts to visually create automation playbooks.  The new Playbook Editor provides a new experience through a rich, visual, BPMN-based (Business Process Model & Notation) editor enabling users to create playbooks more easily, with or without coding skills.

·         Mission Control 2.0 for Tier 1 Analysts to triage security events and alerts more efficiently.  The details of the incident, triage, status, and results are presented in a single view, speeding the event and alert triage process for security operations teams.  Mission Control also introduces an Activity Feed that is a Slack-like interface enabling collaboration and commenting between all team members working on an event or alert.

·         Onboarding Process to get new users executing automated playbooks in less than 5 minutes.  The process allows users to quickly configure a data source like a SIEM platform, threat intelligence feed, email message, RESTful API, or sample data, and then configure security tools utilized in the playbook before enabling the automation playbook to execute.

Visit the TryPhantom YouTube channel to see these enhancements and others.

Partners

Solution and technology partners are embracing the growing popularity of security automation and orchestration as well as Phantom’s unique, community-powered approach.  Companies like World Wide Technology (WWT) recognize Phantom’s extensibility as a way to grow their services businesses and deliver increased value to clients.

Mike McGlynn, Vice President of Security Solutions at WWT said, “Automation is becoming increasingly important to our clients who face the challenge of limited resources, an increasing threat surface and incident rate, and an overwhelmingly complex IT infrastructure.  We’ve tapped Phantom as a key solution partner based on the strength of their product combined with our security domain expertise.  We are seeing significant demand for security automation from our clients.” 

Phantom’s community-powered approach enables collaboration, development, and sharing of apps and playbooks amongst users. Phantom has more than 75 apps available that span reputation services, endpoint technologies, sandboxing, firewalls, and common mobile, virtual and cloud based security products.  Many of the apps were developed by Phantom partners as well as the community at large.

Playbooks

The new Phantom Playbook Editor and updated community site offers users the most extensive resource in the industry to address security challenges, share information, and showcase their skills.  As with Phantom Apps, many of the playbooks were developed by partners.

Mark Kendrick, Director of Business Development, DomainTools said, "The new Playbook Editor in Phantom 2.0 makes it incredibly easy to build complex registrant and infrastructure pivots on domain names and the actors who register them.  It's the perfect setting for DomainTools data because it makes proven workflows available to an entire team. Our updated DomainTools App will take advantage of the new features in Phantom 2.0, and it will also enable access to our Domain Reputation and Reverse Whois datasets."

Phantom offers playbooks for investigation, threat hunting, and several others through the community playbook library.  Users can easily pull other playbooks from the Phantom Community Site or create their own with the new Playbook Editor in the Phantom 2.0 release.

Anyone interested in seeing how Phantom can help their organization should sign-up for the free Phantom Community Edition, attend a Tech Session to see Phantom in action, and read more about playbooks on the Phantom blog.  Those interested in showcasing their security automation and orchestration skills, may also opt to join Phantom’s Playbook & App Challenge.  The contest, which runs through December 2, 2016, will award a cash prize to the community user submitting the most impressive playbook and app combination.

ABOUT PHANTOM

Phantom, which was recognized as the most innovative company at the 2016 RSA Conference, automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one open, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. For more information visit: www.phantom.us.