SOAR

Splunk Phantom – is a fully featured Security Orchestration Automation and Response solution. It combines security infrastructure orchestration, playbook automation and case management capabilities to streamline IT teams. Phantom completes Splunk’s platform for any Security Operation Center by offering automatic reactions on security incidents and much more. Phantom’s flexible app model supports hundreds of tools and thousands of unique APIs, enabling connection and coordination of complex workflows across big variety of solutions. It enables teams to work smarter by executing a sequence of action from gathering forensic data, through detonating files in Sandbox to quarantining a device or blocking user, everything successfuly and automaticaly done in seconds instead of hours or days. As an open platform, Phantom allows security teams also to create own actions with it’s visual editor or by integrated Python development environment.
SOAR/SOC
No image
Settings
soar
Съдържание
SOAR

Splunk Phantom – is a fully featured Security Orchestration Automation and Response solution. It combines security infrastructure orchestration, playbook automation and case management capabilities to streamline IT teams. Phantom completes Splunk’s platform for any Security Operation Center by offering automatic reactions on security incidents and much more. Phantom’s flexible app model supports hundreds of tools and thousands of unique APIs, enabling connection and coordination of complex workflows across big variety of solutions. It enables teams to work smarter by executing a sequence of action from gathering forensic data, through detonating files in Sandbox to quarantining a device or blocking user, everything successfuly and automaticaly done in seconds instead of hours or days. As an open platform, Phantom allows security teams also to create own actions with it’s visual editor or by integrated Python development environment.