Restoring Clarity in a Broken System

The Noise Problem Security Vendors Don’t Want to Talk About

After 15+ years leading detection and response at Amazon and Dropbox, I’ve seen a painful truth: most security tools don’t actually help practitioners. They overwhelm them.

Every product promises clarity, but ends up piling on:

• Thousands of meaningless alerts every day.

• Complex rule-tuning that no one has time for.

• Data locked in proprietary systems that force analysts back into spreadsheets.

It’s no surprise that burnout is the norm in this field. Teams are exhausted by noise, not empowered by insight.

What Security Operations Really Look Like

Too many vendors build for an imaginary practitioner who has unlimited time, deep expertise in every emerging technology, and infinite patience for tuning detections. The reality is messier:

• Teams juggle broad responsibilities and constant interruptions.

• Most days are triage—chaotic, reactive, fragmented.

• The cost of a miss feels so high that teams are reluctant to turn anything off, even when they know it’s noise.

I’ve seen major breaches go undetected by these “top-tier” platforms, only to surface later in trouble tickets, third-party calls, or even internet forums. That’s the harsh reality of today’s tooling.

The Excel Test

Here’s how I knew the tooling landscape was broken: during high-severity incidents, my teams at both Amazon and Dropbox often ended up managing investigations in Excel spreadsheets.

Not because we wanted to—but because it was the only way to consolidate fragmented data, correlate signals, and see the bigger picture.

When your “best of breed” tools force you back into Excel in the middle of an incident, something is fundamentally wrong.

What Teams Actually Need

Security teams don’t need more alerts. They need:

• Signals, not noise — clear, contextual detections that require action.

• Open systems — APIs and integrations that let data flow across tools.

• Built-in intelligence — platforms that get smarter over time, not heavier.

The job isn’t to chase dashboards or tune endless rules. The job is to protect people and data.

Why Panther Stood Out

When I first used Panther at Dropbox, it wasn’t the marketing that impressed me—it was the outcomes: streaming detections, real-time context, and the ability to integrate with our workflows immediately.

It let my team focus on real threats instead of chasing noise. That’s why I’ve stayed a believer in Panther ever since: it reflects a practitioner’s reality, not a vendor’s fantasy.

Looking Ahead

Security will only get more complex. The difference between teams that burn out and teams that thrive won’t come from working harder—it will come from working smarter, with tools that cut through the noise.

That’s the shift I saw in Panther early on, and it’s why I still believe in its vision today: helping security teams operate with clarity, confidence, and speed in a world that’s only getting noisier.