SECURITY

Data Exfiltration Monitoring with Phantom, Ansible, and Cisco ACI

A great use case submitted by one of our top contributors in the community!  Joel King of WWT, built an automation that monitors for data exfiltration using Phantom, Ansible, and Cisco.

Joel submitted this as an entry in Round 2 of the 2016 Phantom App & Playbook Challenge.

An overview of the App, and links to a YouTube video clip, as well as PowerPoint slides which document the use case are here: https://github.com/joelwking/Phantom-Cyber#ansible-tower-app

The source code and the .tgz file are in this GitHub repository: https://github.com/joelwking/Phantom-Cyber/tree/master/ansible_tower.

----------------------------------------------------
Thanks!
CP Morey

Splunk
Posted by

Splunk

TAGS

Data Exfiltration Monitoring with Phantom, Ansible, and Cisco ACI

Show All Tags
Show Less Tags

Join the Discussion