PolySwarm is now fully integrated with Splunk® Phantom™, a platform trusted by security experts around the world that combines security infrastructure orchestration, playbook automation and case management capabilities.
Adding PolySwarm to a Phantom playbook will effortlessly enable Phantom users to harness the power of a large community of antivirus companies and security experts competing to detect threats in near real-time.
AV engines put their money where their mouth is, when confident, staking money behind their opinions (malicious or benign). This economic pressure incentivizes suppliers to specialize and focus on what they are best at, improving the accuracy of outputs and signal-to-noise ratio (SNR).
Phantom users can install the Phantom app for PolySwarm directly from the Phantom dashboard and plug in their PolySwarm API key to start using. Sign up/login at https://polyswarm.network and the API key is available in your account settings.
To learn more about PolySwarm, and try out the threat detection marketplace directly, visit https://polyswarm.network/.
PolySwarm in Splunk Phantom:
PolySwarm, Phantom playbook: