A Cloud-Native SIEM for the Modern Security Team
We are a San Francisco-based startup comprising security engineers who have spent years building large-scale detection and response for companies including Airbnb, Amazon, Riverbed, and more. Panther was founded by the core architect of StreamAlert, a cloud-native solution for automated log analysis open-sourced by Airbnb.
Panther is the next step for security teams who need a modern alternative to traditional SIEMs. We designed Panther for massive scale, with a rich and intuitive user experience, in-browser Python rule editing, and first-class AWS support.
Our mission is to provide an open platform to effectively protect businesses from cybersecurity threats.
Panther analyzes all security data generated by your clouds, networks, applications, and hosts to power threat detection, compliance, and security investigations. Panther provides flexible detection logic, a secure deployment within your AWS cloud, support for common security tools, and automation for painless deployments. Common uses include:
- Detect Unauthorized Access: Analyze logs to identify unauthorized access to systems
- Threat Hunting: Quickly search logs for matches against indicators of compromise with Panther's standardized data fields
- Achieve Compliance: Use built-in detections as controls for SOC/PCI/HIPAA compliance
- Secure Your Cloud Resources: Automatically fix misconfigurations that could cause severe damage if exploited
NOTE: Panther is currently in beta.
Follow our Quick Start Guide to deploy Panther to your AWS account in a matter of minutes!
Compliance Overview: Gain oversight into your infrastructure health
Rules Editor: Write, tune, and update detections in the browser
Resource Viewer: Holistic view of pass/fail checks on a per-resource basis
We welcome all contributions! Please read the contributing guidelines before submitting pull requests.
Panther is dual-licensed under the AGPLv3 and Apache-2.0 licenses.