Today, we introduce Panther’s Security Data Lake Search. This enhanced search functionality represents the industry’s first analyst-grade search experience to unlock the data lake’s efficiency and performance benefits for security teams. Built on top of the powerful Snowflake data lake, security teams in Panther can now search high-volume log data across vast data lakes with cost-effective storage that scales effortlessly and returns rapid results. Hot data storage delivers your data sets fast with no need for tedious rehydration or tinkering to see the data you need when you need it. Paired with Panther’s Detections-as-Code, Security Data Lake Search revolutionizes how our users approach integrated incident triage, investigation, and response workflows with a seamless, unified search experience.
“The search experience combined with the security data lake lets me immediately find, display, and correlate events across multiple sources, like AWS Cloudtrail and our Custom Logs, without having to resort to complex SQL statements.”Michael Kuchera, Zapier’s Team Lead for Security Detection and Response
From its founding, the Panther team was focused on building an exceptionally fast, cost-effective, and efficient SIEM experience focused on code-driven security operations. This foundational work was crucial to set Panther up to continue carving out the future of SIEM. With considerable time and resources invested to perfect Panther’s detection-as-code engine, we are ready for the next wave of improvements to Panther.
Panther’s advanced detection engine and data ingestion features have set the stage to solve our next challenge for security teams. A consistent problem plagues data lakes. They lack an elegant and intuitive search experience that doesn’t require SQL knowledge. With the introduction of Panther’s Security Data Lake Search, security practitioners of all skill levels can now easily conduct in-depth searches with an intuitive, familiar query-building UX. For the SQL experts, no fear – you can still use SQL in Panther for search. Still, you’ll enjoy our updated experience by introducing cross-log search results and an updated results table to surface the right data faster. The reimagined data model and search interface combine familiarity with operational simplicity, powering fast, effective investigations.
Single, Intuitive Search Hub
Users now only need to access one place for all their investigations. The Search tab simplifies query building and investigations within a singular user-friendly interface. The new search experience allows analysts of all skill levels to conduct complex searches across all threat vectors without in-depth SQL knowledge. Click-to-select filter chips enable “AND” logic with support for wildcard, text, and key-value pair searches across all log data, powering seamless cross-log queries and enabling complex searches for users of all skill levels. No SQL knowledge required.
Cross-log Search and Enhanced Results Table
The new Results Table offers a comprehensive analysis of cross-log search results for visibility of all events across all log types. Enriched data density with enhanced context allows analysts to view all pertinent data to investigate potentially correlated events. The table boasts intuitive and powerful filtering options, allowing security analysts to easily customize their results, focusing on critical information and reducing noise.
Panther is committed to continually refining and enhancing security workflows and the Panther experience. Cybersecurity is an ever-evolving landscape of emerging threats, and Panther will remain at the forefront of SIEM innovation to keep your team steps ahead of attackers. Stay tuned for more updates and innovations as we continue to push the boundaries of what a SIEM can achieve.
To witness the power of Panther’s Security Data Lake Search in action, we invite you to join our upcoming webinar, Detecting & Investigating Cloud Crypto Mining, on January 17th, 2024. Register here and explore the groundbreaking capabilities of Security Data Lake Search. Don’t miss out on this opportunity to stay one step ahead of potential attackers.
