Security Automation, Orchestration and Response ("SOAR") is a family of technologies that tie together a organization's people, processes and technologies for effective incident response. Automation can improve incident response time and capacity, increase the effectiveness of threat hunting, combine and extend the capabilities an organization's security tools, analysts and engineers and reduce human error.
WWT integrates Phantom, a best-of-breed SOAR tool, to help customers perform security infrastructure orchestration, playbook automation and case management. Phantom improves security operations by automating repetitive tasks, reducing dwell times with automated investigations and tying existing security tools together to extend their reach. Supported by a diverse online community with an extensive library of tool integrations and close integration with the industry leading Splunk platform, Phantom can be a key component of an enterprise risk reduction strategy.
This scheduled lab demonstrates how Phantom can be used to automate diverse security tools to improve an organization's overall risk posture.