Splunk Phantom

The end user’s e-mail is analyzed by the analysis engines integrated with Incident Responder. If the analysis shows the e-mail to be dangerous, the company’s SOC team will attempt to eliminate the malicious e-mail with solutions such as antivirus, firewall, EDR, proxy, and so on. Doing this step manually takes a long time and delays incident response.

Integration with the Incident Responder module provides additional power to manage reported incidents and conduct investigations automatically and more efficiently.

Integrate Quickly and Easily

The platform’s REST API library makes integration quick and easy.

Fully Integrated

You can control almost all of the Incident Responder features using Splunk Phantom. For example, you can update a case and start a new investigation.

Boost Your Analysis!

Several analysis engines can be used to analyze incidents.

Track Your Team Performance

Integration also gives you the ability to track the performance of your analyst team.
