We’re Serious About Security

Panther was founded by a team of security practitioners who understand the immense importance of safeguarding your data. Learn more about how we ensure your data is secure, complete, and available.

Loved by the world’s best security engineering teams

Compliance

Panther’s compliance with privacy laws and security standards ensure you meet your own compliance requirements.

SOC2 (Type2) Compliant
Panther follows strict policies and procedures that meet all the Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy.
PCI-DSS Compliant
PCI Compliant
Panther meets the Payment Card Industry standards for credit card processing and encrypted Internet transactions.
ISO27001 Certified
Panther is ISO27001 certified and meets the standards for implementing and managing the Information Security Management System (ISMS) in both design and execution.

Infrastructure

Panther’s entire hardware and software foundation is optimized to guarantee reliability and reduce security risk.

Serverless
Built for scale and fast time to value, Panther runs a completely serverless architecture using best-of-breed solutions like AWS Lambda, ECS Fargate, S3, and DynamoDB to handle massive workloads with zero-hassle administration.
Single-Tenant
By ensuring that each customer’s data is stored in a separate instance, Panther offers better uptime and reliability, leveraging performance and data security based on one instance instead of multiple.
Availability
Panther commits to 99.9% service uptime through our SLA. Read more about our system availability.

Data, Application and IT Security

Panther’s security-first culture puts security and trust at the forefront of every part of our business.

Data Security
All Panther data is encrypted with industry-standard cipher suites, whether at rest or in transit. Equally important, data is backed up to S3 continuously to ensure business continuity in the event of a failure.
Application Security
Security is baked into Panther’s application, and maintaining it is critical. Our code is analyzed via static application security testing (SAST) during continuous integration (CI) and post-deployment, and penetration testers regularly audit our application.
IT Security
All of Panther’s laptops leverage full-disk encryption — and are managed, upgraded, and patched with best-in-class mobile device management (MDM) solution. Our hardware is protected by an endpoint security agent that provides NGAV and EDR/EPP capabilities, with 24/7/365 monitoring.

Identity & Access Management

IAM layers over Panther’s entire business, as identity validation and policy alignment is critical for every aspect of the company.

Internal Applications
Our identity provider (IdP) governs access to internal applications, which requires multi-factor authentication.
Cloud Resources
Access to cloud resources is managed through AWS IAM. Panther strictly follows the model of least privilege, only assigning access to the resources and services necessary. We also leverage MFA comprehensively.

Vendor Management

Every vendor relationship represents a security risk, so third party risk management plays a crucial role in Panther’s security posture.

Review
All vendors we leverage go through a review process in which their security controls are reviewed extensively.
Authorized Third Party Vendors
We also maintain a list of subprocessors and notify our customers of any changes.
Escape Cloud Noise. Detect Security Signal.
Request a Demo