August 29, 2017

Anomali, Phantom Partnership Provides Cybersecurity Automation and Orchestration

Joint Customers Can Now Automate Threat Hunting, Investigations, Alerts and Response

REDWOOD CITY, CA--(Marketwired - Aug 29, 2017) - Anomali, provider of market-leading threat intelligence platforms, and Phantom, the leader in security automation and orchestration, today announced a partnership to provide a platform that delivers unified threat intelligence with security automation and orchestration. Joint customers that use Anomali ThreatStream and Phantom Security Automation and Orchestration together will gain the ability to automate hundreds of security actions, regain control of incident backlogs and shrink the gap between cybersecurity need and capability -- now widening at an alarming rate.

According to the ISACA, a non-profit information security advocacy group, there will be a global shortage of 2 million cyber security professionals by 2019. Organizations already lack the skilled professionals required to analyze the volume of incidents that occur on a daily basis, leaving the majority of alerts uninvestigated as cyberattacks continue to grow in frequency and magnitude. To allow organizations to glean the most value from their existing resources, the joint solution allows users to drastically scale operational efficiency through integrated and orchestrated intelligence and response capabilities. The combined solution automates repetitive tasks, allowing security teams to focus their attention on the most mission-critical decisions threatening the enterprise.

"Security teams are stretched thin when it comes to resources, talent and time. Tasked with identifying, analyzing and mitigating threats, these teams need tools that allow them to focus on identifying problems and to take action on priorities that require human expertise," said Colby DeRodeff, chief strategy officer at Anomali. "Despite their best efforts, incident backlogs continue to build daily. By partnering with Phantom, Anomali gives customers the ability to reduce mean time to resolution of an incident. The solution provided by the partnership is really the force multiplier needed to marshal the full power of security investments."

Contextual threat information from Anomali ThreatStream is pre-loaded into the Phantom Security Automation and Orchestration platform, which then ingests curated and risk-ranked Indicators of Compromise (IOCs) to drive automated triage and execution of automated response playbooks. By automatically delivering IOCs from the ThreatStream Platform to the Phantom Platform, the combined solution automates hunting, investigation, alerting, and response -- giving valuable time back to analysts otherwise spent completing the tasks themselves. To provide further context, analysts can right-click look ups on the ThreatStream platform to search for associated Threat Bulletins, Actor Association, related IOCs, and more.

"Phantom allows customers to use documented processes and workflows to automate threat response, unifying incident details with key threat intelligence needed to speed up the human analysis of complex incidents. By seamlessly integrating our Security Automation and Orchestration Platform with Anomali Threatstream, we can better provide this service to our customers," said Sourabh Satish, Co-founder and Chief Technology Officer at Phantom. "When possible, we want to rid cybersecurity professionals of the tasks that consume their valuable time -- time that should be spent making critical decisions with the critical thinking only capable of such an expert."

Register for Anomali and Phantom's webinar, "Efficient Triage and Response Using Intelligence-Driven Orchestration" here:
Learn more about Anomali products:

Learn more about Phantom products: PHANTOM
Follow Anomali on Twitter:
Follow Phantom on Twitter:
Follow Anomali on LinkedIn:
Follow Phantom on LinkedIn:

About Anomali
The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. The award-winning ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, or search forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out of the box intelligence feed, Anomali Limo. To learn more, visit and follow us on Twitter: @anomali.

About Phantom
Phantom is the leader in security automation and orchestration. It integrates your existing security technologies, providing a layer of connective tissue between them. The Phantom platform helps you work smarter by automating repetitive tasks, effectively force multiplying your team's efforts and allowing them to focus their attention on mission-critical decisions. It also helps you respond faster and reduce dwell times with automated detection, investigation, and response. Using Phantom helps you strengthen your defenses by integrating your entire security infrastructure together so that each part is actively participating in your defense strategy. For more information visit: