Data Exfiltration Monitoring with Phantom, Ansible, and Cisco ACI

A great use case submitted by one of our top contributors in the community! Joel King of WWT built an automation that monitors for data exfiltration using Phantom, Ansible, and Cisco.

Joel submitted this as an entry in Round 2 of the 2016 Phantom App & Playbook Challenge.

An overview of the app, along with links to a YouTube video clip and the PowerPoint slides that document the use case, is here:

The source code and the .tgz file are in this GitHub repository:

Posted by CP Morey

