As a DevOps and security engineer, you likely prefer using the command line interface (CLI) as much as possible for simple tasks like editing and organizing files.
Panther automates the security operations pipeline by using code to detect suspicious behaviors and cloud misconfigurations. Panther provides two primary mechanisms to create this code: in the UI, or with a CLI tool.
With the Panther analysis CLI tool, you can test, package, and deploy all of your Cloud Security Policies and Log Analysis Rules via the command-line interface. This enables detections to be managed in code and tracked in version control systems like GitHub, GitLab, and SVN.
The Panther Analysis Tool can assist with creation, local testing, zipping, and uploading detections to Panther to support developer-oriented workflows. For many DevOps and security engineers, this is a more natural workflow that supplements the use of the Panther user interface.
In addition to working with Rules and Policies, you can also use our CLI tool to:
The Panther analysis tool is available on pip.
Simply install with:
pip3 install panther-analysis-toolCode language: SQL (Structured Query Language) (sql)
For running tests, use:
panther_analysis_tool test --path <path-to-python-code>Code language: SQL (Structured Query Language) (sql)
Find documentation to write detections with the Panther Analysis Tool:
Panther’s Analysis Tool helps security practitioners test, package, and deploy Policies and Rules from the CLI.