Abstract
Multiple teams utilize the Cortex Xpanse Phantom App.
Multiple teams can utilize the Cortex Xpanse Phantom App. Teams include:
SOC—To pair with Splunk to ingest Cortex Xpanse Expander data to generate incidents and playbooks. SOC teams can also enrich incidents from different sources with Expander issues and other asset data.
Threat Hunting—Teams may automate to quickly find all of the asset details or other related data.