- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
In an effort to start building the Check Point/Phantom ecosystem, I'm posting an integration document I created to share with the community; and to understand the need to increase our footprint with Phantom (now Splunk Phantom). I have a Github site setup for to collect Playbooks; json; rpm's; and Python files (see below) The document is still in draft and currently under review and will welcome any feedback. The document is an integration guide and is not the authority nor a tutorial for Phantom. The Phantom management portal has a very extensive documentation.
The document was written with R80.10, but I'm currently testing R80.20M2 with this as the API features are much more extensive.
The R80 REST API is very powerful and will continue to have features added in future releases.
Github: GitHub - rickdevera/phantom-checkpoint
automation
/richard devera
For the full list of White Papers, go here.
Hey Rick, which other playbooks except block/allow IP you use or plan to use within your org?
I'm working with a Check Point partner to demonstration the how we fit into their existing services. The Playbooks aren't limited to just the Check Point functions. You can use combine other Apps and their Actions to be used in a single Playbook, (For example, I can gather information gained from other Assets (ie VendorX firewall, URL service, etc) and take action. The Check Point playbook I created is very basic, and only demonstrates how I can use it with our API. So we should develop more Apps that can be used in Playbooks. For example, our Threat Cloud API can be used if we can create an App. Does this help?
Thanks for sharing!
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY