Panther Labs Launches Cloud-Native SIEM Platform

April 01, 2020

Panther v1.0 debuted as an open source SIEM designed to meet the needs of cloud-first organizations. Panther provides capabilities for early threat detection, log analysis, conducting breach investigations and more using Python, which offers a scalable architecture that's easy to deploy and analyze across large amounts of data. Panther can easily meet the security needs of growing enterprises migrating to the cloud without requiring a large team of practitioners.

Panther v1.0 was developed by a team of seasoned engineers previously responsible for building cloud-native tools at some of the largest tech companies in the world, including StreamAlert at Airbnb and critical internal monitoring systems at Amazon. This experience provided the team a unique insight into the immediate and long-term needs of security engineers facing complicated threats and a rapidly growing ecosystem of infrastructure and data. The team designed Panther v1.0 to operate at scale, process an infinite amount of data, and be easy to deploy and use by seasoned and amateur practitioners alike.

"We understand that security teams face tremendous pressure to identify threats and detect vulnerabilities using tools that can be too specialized or limited in the amount of data they can ingest," said Jack Naglieri, founder and CEO of Panther Labs. "Our platform is designed to provide organizations ownership over their data while offering security engineers the power and flexibility they need to fight attacks at scale without additional infrastructure or engineering support."

Scribd, the world's largest global digital library that gives readers access to millions of books and written work has successfully deployed Panther in their AWS environment. "Panther brings speed and flexibility to our detection efforts at Scribd," said Joy Sakai, Director of Core Infrastructure and Security at Scribd. "As we grow many of our workloads in the cloud, Panther's self-hosted model and quick deployment made it easy to adopt and integrate into our security program."

Key features of Panther v1.0 include:

Cloud-Native Architecture: Serverless platform built for extreme scale

Simple and Powerful Detections: Leverage 150+ built-in detections crafted by security experts, or write your own custom detections with Python

Holistic Approach: Detect intrusions in real-time across any number of accounts and improve cloud security posture with a unified dashboard

Complete Privacy: Panther is self-hosted and runs fully on top of native AWS services such as Lambda, ECS, DynamoDB, S3, Cognito, and more -- with Panther, companies own and retain the rights to their data at all times

Panther's elastic architecture enables terabytes of data per day to be analyzed with low overhead and minimal cost. And best of all, Panther is open source! Engineers can follow Panther's Quick Start Guide to deploy v1.0 today with built-in support for:

Analyzing all AWS logs such as CloudTrail, VPC Flow, S3 Access, GuardDuty, ALB

Analyzing Osquery, Suricata, Syslog, OSSEC, NGINX, with more to come

Built-in detections based on CIS and security best practices

A Powerful UI to create, update, and tune analysis

Fast queries across your data warehouse to power investigations

Real-time AWS configuration monitoring

Alerting support for Slack, PagerDuty, MS Teams, and more

Terms of Use | Copyright 2002 - 2020 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement