Panther

We're your favorite security company's favorite security company. You don't just have to take our word for it, though! Learn how Filip Stojkovski, a Staff Security Engineer at Snyk, uses Panther to increase coverage and decrease alert volume. "My favorite part about Panther is how fast you can onboard any log source." "By figuring out the baseline of what's normal versus abnormal behavior, we reduced our alert volume by around 70%." Read the full case study - link in comments!

How do you build a threat model for your organization? In season two of the Detection at Scale podcast, Jason Craig, Director - Threat Detection & Response at Remitly, advised starting with understanding what you do and what you have that might be valuable to an attacker, then protecting the pathways to those assets. Check out the full episode here 👉 https://lnkd.in/gjxNYUDe #DetectionatScale #Cybersecurity #DetectionEngineering #SecurityEngineering Hosted by: Jack Naglieri

A little over 10 years ago, while working at a large retail company, we enabled a new threat intelligence feed. Almost immediately, it flooded our SecOps team with alerts—highlighting significant issues with alert quality and data quality. At its peak, we received over 16 million alerts per day (thankfully, we didn't directly send these to people!). Realistically, accounting for breaks, deeper analysis, and documentation, someone might effectively handle one alert every 5-10 minutes So to handle this with people we'd need around 166,667 people. For perspective, that's nearly the size of the entire 𝗨.𝗦. 𝗠𝗮𝗿𝗶𝗻𝗲 𝗖𝗼𝗿𝗽𝘀 (~180,000 people). A decade later, despite all our advancements, SecOps teams still consistently worry about alert overload and overwhelming their most valuable asset—the humans themselves. It doesn't seem to be getting better. We shouldn't hesitate to deploy new detection methods, but "turning them on and dealing with noise by tuning later" isn't the right approach. Remember, garbage in, garbage out: if we feed poor-quality alerts into our teams, we'll only get ineffective outcomes. Instead, let's first ensure we're generating trustworthy, actionable alerts derived from multiple high-quality signals. Then, we can meaningfully apply automation and AI—not to filter through noise, but to amplify and empower human effectiveness. How have you seen security operations change in the last 10 ish years? #Cybersecurity #SOC #Automation #ThreatIntelligence #InfoSec #AI

The proof is in the pudding. Request a personalized demo to see how we can help you like we helped Spring Health: https://lnkd.in/gqB9zwgD

Panther's forecast is looking cold for next week 👀 ❄️ Any guesses for what's coming?

Oh you wanted to tour the Panther + Zscaler integration?? 👀 Here you go! https://lnkd.in/gvxkFedi 🤖 You'll also get an accidental sneak peek of our coming AI capabilities!

Real-time, full security visibility is here for Zscaler + Panther! 🔐 When expensive SIEMs limit what you monitor, threats slip through. Not anymore. Now, you can normalize and centralize all of your security-rich data from #Zscaler's Zero Trust Exchange, which orchestrates 500 billion+ daily transactions to protect users, devices, and applications with secure network access. By centralizing Zscaler’s network, application, and audit data in #Panther, our customers gain: 🔎 Cross-system visibility – Correlate Zscaler Internet Access (#ZIA) and Zscaler Private Access (#ZPA) logs with your cloud, SaaS, and IDP data for smarter alerts with fewer false positives ⚡ Real-time threat detection – Spot DNS tunneling, insider threats, and compromised apps with Panther’s streaming analysis 💡 Faster time to value – Onboard Zscaler logs in minutes using a webhook or an S3 bucket and increase security coverage for your internet and application traffic with our out-of-the-box detections 🔄 Rapid iteration – Tailor detections with #Python and deploy them like software to continuously improve your security posture Learn how Panther + Zscaler monitor your network and application traffic in real-time. 🔗 Read the blog 👉 https://lnkd.in/giducXVh #CloudSecurity #DetectionEngineering #SecurityEngineering #DetectionAsCode #SecurityMonitoring

"If Will wants to hear why I never want to buy a SIEM again, I’m happy to chat." That’s how I was introduced to a CISO of a high-growth tech company recently. I’ve never heard a sales leader say they never want to buy a CRM again. Or a CFO say they never want to buy an ERP again. But in security, this sentiment is common. Why? Because SIEMs are widely seen as painful, expensive, and ineffective systems—a necessary evil rather than a product security teams actually love. That’s why we’re building Panther differently, with: ✅ Streaming data analysis to eliminate delays between ingestion and detection. ✅ Programmable detections to tailor alerts for unique security requirements. ✅ Seamless cloud integration for complete control over cost, data, and performance Panther isn’t “just another SIEM.” It’s complete security monitoring platform that transforms how security teams protect their most valuable assets. Here’s what a few of our customers have said recently: “We've been able to write detections that fit business use cases that would not be available out of the box with any platform in a reasonably short amount of time.” "Panther strikes the perfect balance as both a powerful tool and flexible framework—something other solutions miss entirely." “There’s already been multiple times where we've made use of logs that we would not have had access to if we did not move on to Panther.” If your SIEM makes you never want to buy one again... let's talk!

⏱️ Immediate detection = faster responses. Tealium ditched scheduled queries for dynamic, real-time threat detection with Panther. The result? A 70% reduction in false positives and a proactive approach to security. Explore Tealium’s success story 👉 https://lnkd.in/g868VztC #DetectionAsCode #SecurityEngineering #DetectionEngineering

Happy International Women's Day! 💙