Gain visibility into abnormal user activity and operations

Request a DemoRead the Docs

Gain visibility into abnormal user activity and operations within your Zoom account with Panther's Zoom log puller integration.

Zoom activity and operation logs show various types of activity in your company's Zoom account, such as changes made by admins on the account, specifically changes in the sections under Account Management, User Management, and Advanced.

Use Panther’s built-in rules to monitor activity, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for Zoom Audit Logs with Panther include monitoring:

  • Changes to Account and Group settings
  • Changes in role and license assignments for users
  • Changes to subscriptions under Billing
  • Changes made to SSO configuration, including changes made by your SSO and SAML mapping configuration

How it Works

The integration is simple and fast:

  • Create a new OAuth app in Zoom
  • Enter the OAuth app credentials and other details in the Panther Zoom log source onboarding flow
  • Panther will parse, normalize, and analyze your log data in real-time
  • As rules are triggered, alerts are sent to your configured destinations
  • Normalized logs can be searched from Panther’s Data Explorer
  • Sit back and monitor your activity!

Learn more about Panther's supported log schema for Zoom.