Product

Solutions

Integrations

Resources

Support

Company

Request a demo

Product

Solutions

Integrations

Resources

Support

Company

Request a demo

Detection Coverage

Panther offers hundreds of ready-to-use detections! Search by keyword or log type below.

Detection

Log Type

Type

Description

1Password Login From CrowdStrike Unmanaged Device Query (crowdstrike_fdrevent table)

Crowdstrike.FDREvent

OnePassword.SignInAttempt

Scheduled Query

Looks for OnePassword Logins from IP Addresses that aren't seen in CrowdStrike's AIP List. (crowdstrike_fdrevent table)

A CloudTrail Was Created or Updated

AWS.CloudTrail

Rule

A CloudTrail Trail was created, updated, or enabled.

A Login from Outside the Corporate Office

Osquery.Differential

Rule

A system has been logged into from a non approved IP space.

A long-lived cert was created

Gravitational.TeleportAudit

Rule

An unusually long-lived Teleport certificate was created

A SAML Connector was created or modified

Gravitational.TeleportAudit

Rule

A SAML connector was created or modified

A Teleport Lock was created

Gravitational.TeleportAudit

Rule

A Teleport Lock was created

A Teleport Role was modified or created

Gravitational.TeleportAudit

Rule

A Teleport Role was modified or created

A user authenticated with SAML, but from an unknown company domain

Gravitational.TeleportAudit

Rule

A user authenticated with SAML, but from an unknown company domain

A User from the company domain(s) Logged in without SAML

Gravitational.TeleportAudit

Rule

A User from the company domain(s) Logged in without SAML

A User Role with Sensitive Permissions has been Created

Panther.Audit

Rule

A Panther user role has been created that contains admin level permissions.

Product

Product Overview

Integrations

Detection Coverage

Resources

Case Studies

Blog

Podcasts

Webinars

Solution Briefs

Events & Workshops

Support

Documentation

Knowledge Base

Release Notes

Status

Company

About Us

Careers

Partners

Trust

Product

Product Overview

Integrations

Detection Coverage

Resources

Case Studies

Blog

Podcasts

Webinars

Solution Briefs

Events & Workshops

Support

Documentation

Knowledge Base

Release Notes

Status

Company

About Us

Careers

Partners

Trust

Product

Resources

Support

Company

Product

Product Overview

Integrations

Detection Coverage

Resources

Case Studies

Blog

Podcasts

Webinars

Solution Briefs

Events & Workshops

Support

Documentation

Knowledge Base

Release Notes

Status

Company

About Us

Careers

Partners

Trust