Panther’s Data Explorer now offers a window into your Snowflake for threat hunting and security investigations
With our Snowflake integration, Enterprise customers can store normalized security data in Snowflake for long-term retention. Previously, querying this security data could only be performed from within your Snowflake dashboard. Now, with our latest release, you can run queries directly from Panther’s Data Explorer against data in your Snowflake.
Panther is the bridge between unstructured security logs and a sustainable security data lake powered by Snowflake. And with our Python rules engine, built-in detections, and support for popular alert destinations like Slack and PagerDuty, Panther offers cloud-first organizations a scalable and cost-effective alternative to legacy SIEMs.
In the screenshot below, you’ll notice the tag “Powered by Snowflake”. This indicates that queries in Panther read data from your Snowflake.
Storing security data in Snowflake offers cloud-first organizations many benefits, including affordable long-term storage, a rich ecosystem of integrations, and a massively scalable infrastructure to power investigations. This latest enhancement offers security practitioners a more seamless experience optimized for baselining behaviors, contextualizing alerts, and hunting for threats against years of normalized data.
How does this impact you?
With our Snowflake integration, you can:
- Collect terabytes of normalized security log data in your Snowflake for cost-effective retention
- Query collected log data and rule matches, and correlate standard fields across all data stored in Snowflake, directly from Panther’s Data Explorer
- Join Panther data (e.g. alerts) with other data sources in your Snowflake in a single interface to assess the security posture of your organization
Send terabytes of normalized log data to your Snowflake data platform for affordable long-term retention, with real-time threat detection and robust security investigations in Panther.