We’re Serious About Security
Panther was founded by a team of security practitioners who understand the immense importance of safeguarding your data. Learn more about how we ensure your data is secure, complete, and available.
End-to-end data security
Cyber security is serious business. We value your trust and strive to deliver a security monitoring platform you can depend on.
Our platform is compliant with SOC 2, Type 2, and HIPAA so that you can be confident in the integrity of your data.
Our serverless, single-tenant architecture guarantees world-class reliability and data privacy.
Data and Application Security
Security is paramount in everything we do, from our product, to the way we run our business, to how our employees prioritize security.
Identity and Access Management
We strictly enforce least privilege principles for managing access to all systems where customer data is stored or processed.
We have a thorough security control review process for all vendors we leverage.
Trusted by modern security teams
Panther’s compliance with privacy laws and security standards ensure you meet your own compliance requirements.
We are SOC2 (Type2) Compliant
Panther follows strict policies and procedures that meet all the Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy.
We are PCI Compliant
Panther meets the Payment Card Industry standards for credit card processing and encrypted Internet transactions.
We are HIPAA Compliant
Panther meets the federal privacy and security standards for handling health industry entities' personal health information (PHI).
Panther’s entire hardware and software foundation is optimized to guarantee reliability and reduce security risk.
Built for scale and fast time to value, Panther runs a completely serverless architecture using best-of-breed solutions like AWS Lambda, ECS Fargate, S3, and DynamoDB to handle massive workloads with zero-hassle administration.
By ensuring that each customer’s data is stored in a separate instance, Panther offers better uptime and reliability, leveraging performance and data security based on one instance instead of multiple.
Data, Application and IT Security
Panther’s security-first culture puts security and trust at the forefront of every part of our business.
All Panther data is encrypted with industry-standard cipher suites, whether at rest or in transit. Equally important, data is backed up to S3 continuously to ensure business continuity in the event of a failure.
Security is baked into Panther’s application, and maintaining it is critical. Our code is analyzed via static application security testing (SAST) during continuous integration (CI) and post-deployment, penetration testers regularly audit our application, and we maintain a robust public bug bounty program.
All of Panther’s laptops leverage full-disk encryption — and are managed, upgraded, and patched with best-in-class mobile device management (MDM) solution. Our hardware is protected by an endpoint security agent that provides NGAV and EDR/EPP capabilities, with 24/7/365 monitoring.
Identity & Access Management
IAM layers over Panther’s entire business, as identity validation and policy alignment is critical for every aspect of the company.
Our identity provider (IdP) governs access to internal applications, which requires multi-factor authentication.
Access to cloud resources is managed through AWS IAM. Panther strictly follows the model of least privilege, only assigning access to the resources and services necessary. We also leverage MFA comprehensively.
Every vendor relationship represents a security risk, so third party risk management plays a crucial role in Panther’s security posture.
All vendors we leverage go through a review process in which their security controls are reviewed extensively.
Authorized Third Party Vendors
We also maintain a list of subprocessors and notify our customers of any changes.