SAN FRANCISCO, March 25, 2020 — Panther Labs, a venture-backed cybersecurity company specializing in detection and response, today announced the availability of Panther v1.0, an open source SIEM designed to meet the needs of cloud-first organizations. Panther provides capabilities for early threat detection, log analysis, conducting breach investigations and more using Python, which offers a scalable architecture that’s easy to deploy and analyze across large amounts of data. Panther can easily meet the security needs of growing enterprises migrating to the cloud without requiring a large team of practitioners.
Panther v1.0 was developed by a team of seasoned engineers previously responsible for building cloud-native tools at some of the largest tech companies in the world, including StreamAlert at Airbnb and critical internal monitoring systems at Amazon. This experience provided the team a unique insight into the immediate and long-term needs of security engineers facing complicated threats and a rapidly growing ecosystem of infrastructure and data. The team designed Panther v1.0 to operate at scale, process an infinite amount of data, and be easy to deploy and use by seasoned and amateur practitioners alike.
“We understand that security teams face tremendous pressure to identify threats and detect vulnerabilities using tools that can be too specialized or limited in the amount of data they can ingest,” said Jack Naglieri, founder and CEO of Panther Labs. “Our platform is designed to provide organizations ownership over their data while offering security engineers the power and flexibility they need to fight attacks at scale without additional infrastructure or engineering support.”
Scribd, the world’s largest global digital library that gives readers access to millions of books and written work has successfully deployed Panther in their AWS environment. “Panther brings speed and flexibility to our detection efforts at Scribd,” said Joy Sakai, Director of Core Infrastructure and Security at Scribd. “As we grow many of our workloads in the cloud, Panther’s self-hosted model and quick deployment made it easy to adopt and integrate into our security program.”
Key features of Panther v1.0 include:
- Cloud-Native Architecture: Serverless platform built for extreme scale
- Simple and Powerful Detections: Leverage 150+ built-in detections crafted by security experts, or write your own custom detections with Python
- Holistic Approach: Detect intrusions in real-time across any number of accounts and improve cloud security posture with a unified dashboard
- Complete Privacy: Panther is self-hosted and runs fully on top of native AWS services such as Lambda, ECS, DynamoDB, S3, Cognito, and more — with Panther, companies own and retain the rights to their data at all times
Panther’s elastic architecture enables terabytes of data per day to be analyzed with low overhead and minimal cost. And best of all, Panther is open source! Engineers can follow Panther’s Quick Start Guide to deploy v1.0 today with built-in support for:
- Analyzing all AWS logs such as CloudTrail, VPC Flow, S3 Access, GuardDuty, ALB
- Analyzing Osquery, Suricata, Syslog, OSSEC, NGINX, with more to come
- Built-in detections based on CIS and security best practices
- A Powerful UI to create, update, and tune analysis
- Fast queries across your data warehouse to power investigations
- Real-time AWS configuration monitoring
- Alerting support for Slack, PagerDuty, MS Teams, and more
About Panther Labs
Panther Labs is a venture-backed cybersecurity company specializing in cloud-native detection and response. The team includes security alumni from companies like Amazon and Airbnb. Unlike products that require control over customer data and extensive knowledge of a domain-specific syntax, Panther is self-hosted and utilizes Python to enable simple and flexible detection logic. With Panther, teams can perform continuous monitoring and build a robust data warehouse to power investigations.