

Pricing

Community (Open source)

End-to-End Visibility for Modern Security Teams

  • Core: Real-Time Log Analysis, Real-Time Cloud Security, Real-Time Alerting, Automatic Remediation, 200+ Built-in Detections
  • Data Inputs: AWS S3, AWS SQS & SNS, Google Cloud Platform
  • Alerting: Alert Thresholds
  • Security and Compliance: Multi-Factor Authentication
  • Data Storage: Amazon S3
  • Team Management: Users, Roles
  • Deployment: Self-hosted
  • Customer Success: Community Slack

Team (Enterprise)

Collaboration and Advanced Features for Teams

All Open Source features

  • Core: Data Analytics
  • Data Inputs: SaaS Logs (5 Sources)
  • Analytics and Investigations: Data Explorer, Indicator Search
  • Alerting: Alert Summaries
  • Security and Compliance: Role-Based Access Control, SAML SSO (Okta, OneLogin, etc.)
  • Data Storage: Parquet Conversion
  • Deployment: Single-tenant SaaS
  • Customer Success: Detections Service Desk, SLA (M-F, 9x5)

Pro (Enterprise)

Security at Scale with Max Performance

All Enterprise Cloud-Prem features

  • Data Inputs: SaaS Logs (Unlimited)
  • Data Storage: Snowflake
  • Customer Success: Shared Slack Channel, SLA (24x7)

Frequently Asked Questions

Looking for new cloud security solutions? Let us tell you about Panther.

What is Panther?

Panther is an open, scalable, and developer-friendly solution for cloud-first organizations to detect and respond to suspicious activity in real-time.

With Panther, teams can perform continuous security monitoring, achieve end-to-end security visibility across cloud and on-premise infrastructure, and build a robust security data lake to power investigations.

What are the use cases of Panther?

Some of the common use-cases of Panther are:

 

  • Continuous Security Monitoring: Gain real-time visibility across security logs and cloud infrastructure to quickly detect threats, misconfigurations, and other vulnerabilities that could lead to a breach.
  • Investigate Alerts: Quickly search Panther’s security data lake to contextualize alerts, tune detections, hunt for IOCs, and assess the impact of threats moving through your environment.
  • Threat Hunting: Leverage Panther’s normalized fields to search extracted IOCs across all of your log data to bring a holistic approach to threat hunting.
  • Cloud Compliance: Define security best practices in code to add speed, flexibility, and automation to your compliance initiatives, including SOC, PCI, HIPAA, and more.
  • SIEM for Snowflake: Turn your Snowflake into a SIEM with real-time alerting and 200+ pre-built detections. Consolidate, normalize, and retain your security data in Snowflake to power investigations, reporting, and business intelligence.
  • SIEM for AWS: Build a structured security data lake from all of your default AWS logs to power real-time detections, fast queries, threat hunting, and robust security analytics.

How does Panther work?

Panther collects all of your critical security logs, analyzes them in real-time, and normalizes data into structured events that get stored into a data lake.

Here’s how it works:

 

  1. Panther collects security logs from cloud and on-premise data sources via AWS S3 / SQS / SNS, and direct API integrations
  2. Panther scans your AWS infrastructure to understand the state of your cloud
  3. All of this data is parsed, normalized, analyzed, and stored in your security data lake to power future investigations
  4. Alerts are generated and dispatched to your team in real-time
  5. Optional automatic remediations are applied to fix misconfigured infrastructure

How is Panther different when compared to traditional SIEMs?

The world is shifting from analysts and dashboards to automation and code. By enabling security teams to operationalize massive volumes of security data with cloud-first architectures and developer-driven workflows, Panther can serve as the foundation for modern organizations to quickly bootstrap detection and response programs and secure cloud environments.

Panther runs on a completely serverless architecture to achieve the lowest overhead and cost at the highest scale. By leveraging AWS cloud-native services like Lambda, ECS, DynamoDB, S3 and more, Panther can handle massive workloads with zero-hassle administration.

What is the difference between Panther Community and Panther Enterprise?

Panther Community is an essential, open source platform for teams exploring Panther. Deploy Panther.

Panther Enterprise offers maximum value to teams and organizations who want advanced features, performance, and security at scale. Panther Enterprise can be deployed in your own AWS account (Cloud-Prem) or managed by Panther (Cloud) in our single-tenant hosted environment. Request a Demo.

Does Panther come with built-in detections?

Yes! Panther includes 200+ built-in rules and policies to support standard and premium detections. Learn more about Panther Rules and Policies.

Detections are expressed as a set of Python functions that control the analysis logic, alert grouping, and titles sent in alerts.

Can you write custom detections in Panther?

Panther uses Python to help you write expressive, flexible, and testable detections.

Watch this on-demand webinar to learn how you can write custom detections in Panther and identify common and specialized cybersecurity attacks using Python detections and developer-friendly workflows.

Where can we send alerts?

Panther lets you dispatch alerts to your team in real-time to destinations like Slack, Jira, and PagerDuty. View all destinations supported by Panther.

Which logs and integrations are supported by Panther?

Panther can ingest terabytes of security log data per day from a variety of sources including AWS and GCP, security tools like Osquery and OSSEC, and a growing number of SaaS applications such as G Suite, Okta, and OneLogin. As data is processed, detections are run and alerts are dispatched in real-time to destinations like Slack, Jira, and PagerDuty.

Get started with our Integration Directory to learn how you can collect data from all your apps, send alerts to your messaging pipelines, and build a data lake on top of your AWS or SnowflakeDB with Panther.

Is Panther open source?

Yes, Panther is open source! See it for yourself, Run Panther!

Questions or suggestions? Let us know in our community Slack!

Where does my data go?

Your data always stays within your own AWS account, encrypted.
