Guild Education Eliminates the Cost of Legacy SIEM with Panther's Detection-as-Code
Founded in 2015, Guild Education connects front-line workers with a marketplace of universities and proven learning providers. Guild’s learning marketplace helps unlock opportunities for workers by creating a path through higher education in collaboration with the nation’s top employers. The organization has over 400 coaches and career advisors who provide the support needed to help workers advance their careers.
Prior to Panther
Guild’s security team needed a Security Information & Event Management (SIEM) tool in their technology stack to improve the security health of their growing organization. Their legacy SIEM tool required hours of IT overhead to maintain, plus the added complexity of a proprietary language that the team had never previously used. Due to the tool’s intricacies, Guild relied heavily on professional services, which left the team unable to react to incoming security threats on their own. But even with the help of expensive services, Guild wasn’t able to generate fruitful results from the tool, leaving the security team overworked, underprepared for an attack, and siloed away from other members of the organization.
Pain Points of Previous SIEM
Complex proprietary language
The previous SIEM’s proprietary language was not easily adoptable, requiring professional services and support to help build detections and policies.
High Total Cost of Ownership (TCO)
Licensing costs, coupled with professional services, led to an extremely high TCO with few results to justify the spend.
Data Siloed from the Rest of the Business
With no integration with Snowflake, the security team’s data had to live separately from the rest of the organization, adding time and effort to the team’s investigations and threat hunting.
Journey to Panther
When a colleague told Julie Chickillo (CISO of Guild Education) about Panther, she was immediately drawn to the encompassing list of supported data types as well as the usage of Python over a proprietary language. This allowed members of her team, such as Peter Harasimowicz, to deploy and manage the SIEM without the need for outside services. With many integrations only taking minutes to set up, along with the added benefit of pre-built parsers, Guild’s team was able to integrate not only security logs but all applications in their organization.
Additionally, once Panther was introduced, Python became the standard language for all detection creation. With the Guild team’s previous knowledge of Python, it was a seamless transition from the complex proprietary language of their legacy SIEM. For example, Guild’s team is now able to have more team members contribute to detection creation, modification, and policy changes, lowering the TCO with Panther versus another tool. Plus, writing detections locally within an established CI/CD workflow allows the team to easily run tests, perform rollbacks, and monitor changes to any detections to avoid ticket cannons.
Benefits of switching to Panther
Increased productivity with Python
With the majority of the security team knowing Python, Guild is now able to tap into many different security engineers to contribute to detections.
Reduced Total Cost of Ownership
Guild cut its Total Cost of Ownership by over 40%.
Added Collaboration with Standardized Data Storage
Panther’s ability to partner with Snowflake as a “Connected App” allows the team to share data with other parts of the organization.