Integration Partner

Partner Logo

Automate and orchestrate rapid security investigation, response, and remediation workflows.



By combining Phantom's workflow automation with powerful network traffic analysis from ExtraHop, security teams are free to focus attention on mission-critical decisions. Reduce dwell times with real-time threat detection and investigation, and speed up response with playbooks executed at machine speed. Let ExtraHop Reveal(x) detect ransomware, lateral movement, and low-and-slow threats, then hand the baton off to Phantom for an automated assist on your threat hunting expedition.

Phantom + ExtraHop Reveal(x)

Reveal(x) adds rich, contextual security analytics to Phantom's intelligent orchestration by automatically detecting anomalies and sending event details directly to the Phantom platform to trigger a Phantom playbook. This further automates the response process and reduces the manual burden on enterprise security operations teams.
ExtraHop Dashboard

Key Features

Automatically triage events to eliminate noise

Pre-fetch threat intelligence for easier decision making

Orchestrate complex workflows to improve efficiency

Quote Icon

[The] partnership with Phantom helps make Reveal(x) even more useful for incident response and remediation use cases … it further automates the response process and reduces the manual burden on enterprise security operations teams.

Eric Ogren, Patrick Daly, and Jasmine Rishi
, 451 Research

Hear It From the Experts

Active threats have no choice but to reveal themselves as they use the network to locate valuable devices or databases, stockpile stolen data, and transmit sensitive information to external web domains. With east-west visibility and behavioral analytics from ExtraHop Reveal(x) plus response automation from Phantom, you'll know more than what's going on — you'll know how to stop it.

As 451 Research explains, network security analytics platforms such as Reveal(x) are critical for rapid threat detection and response. That's because they allow analysts to respond to threats as soon as attackers give themselves away, instead of struggling to piece together insights from logs.

Read 451's report to learn why ExtraHop Reveal(x)'s integration with Phantom plays a key role in arming security teams for victory, or dive into our Automated Response solution brief for details on how Reveal(x) shaves hours or days off your time-to-resolution.

Demo Image

Start the Demo

Stop data exfiltration, insider threats, and more with the full product demo.

Start Demo
Request Free Trial