on demand

Writing Custom Python Detections with Panther

Learn how to identify common and specialized cybersecurity attacks with Python detections and developer-friendly workflows.

In our cloud-first world, security surface areas continue to expand and attacker behavior is evolving. To keep up with the changing threat landscape, security teams need powerful and flexible new tools to detect suspicious activity across cloud and on-premise environments.

In traditional SIEMs, detection logic can be difficult to express and challenging to maintain as complexity increases. The proprietary and obscure programming languages used in legacy platforms present security engineers with steep learning curves to effectively model attacker techniques at scale.

Python Detections Enable Endless Possibilities

Rather than inventing another new domain-specific language (DSL) for security teams to learn, Panther uses Python to enable teams to quickly bootstrap a modern and flexible detection and response program.

With its versatility and extensibility, Python offers security engineers the ability to more easily write and maintain complicated detection logic that aligns security programs with business objectives for risk and compliance.

Watch this on demand webinar to learn how to:

  • Write custom threat detections in Python
  • Baseline behaviors to calibrate detections
  • Use Panther’s built-in unit testing framework to achieve high signal alerts
  • Leverage Global Helper Functions to store reusable detection logic

P.S. This is a two-part webinar series about writing custom threat detections with Panther. Register for Part II.


Jack Naglieri

Jack Naglieri

Founder, CTO @ Panther Labs

Watch Now

Recommended Resources

Escape Cloud Noise. Detect Security Signal.
Request a Demo