This week, I am excited to publicly announce the open beta of our integration with Splunk. You may be wondering, why would one SIEM integrate with another? Why would a SOC run two SIEM solutions?
For me, a former Splunker, and now Field CISO at Panther, the answer is simple: This integration brings together the best features of Panther and Splunk. If you are one of the 15,000 companies worldwide using Splunk, Panther is a solution to consider for high-volume log sources to reduce SIEM costs as well as increase visibility and overall detection capabilities.
First, Panther’s modern, serverless architecture is built to scale and doesn’t degrade, break, or require constant care & feeding at cloud volumes. Customers using Panther who have used other SIEM solutions love the modern, cloud-first capabilities of Panther:
The integration brings some great benefits and new capabilities to Splunk. Panther’s real-time alerts – leveraging detection-as-code – are ingested in Splunk, integrating with existing incident response workflows and rich dashboarding capabilities in Splunk.
Customers such as Dropbox and Asana, who started with Splunk, have found immense value from Panther. If you’d like to learn more, watch some of the “how-to” videos I created, or join one of my live, hands-on workshops, where we cover how to leverage Panther’s detection-as-code capabilities with custom alert destinations, including Splunk. Check out this resource page.
In this new, hands-on, interactive workshop, we will leverage the flexible alert destination capabilities of Panther to send alerts to different tools depending on log source type, severity, and alert type.