Panther – Detect Threats and Improve Cloud Security

Panther is an open source platform designed to bring security visibility at cloud-scale. It’s a modern and flexible solution to the challenges of collection, analysis, and retention of critical security data. Panther detects threats, improves cloud security posture, and powers investigations.

Panther - Better Data Leads to Better Visibility

Some of the benefits of using this tool are:

  • Analyze TBs of data per day
  • Write flexible, Python-based, real-time detections
  • Bootstrap your security data lake
  • Simply deploy with infrastructure as code
  • Secure, least-privilege, and encrypted infrastructure

Components included with this framework:

  • Log Analysis for parsing, normalizing, and analyzing security data
  • Cloud Security for identifying misconfigurations in AWS accounts
  • Data Analytics for queries on collected log data, generated alerts, and normalized fields

Following are some of the common use-cases of Panther:

  • Detect Unauthorized Access: Analyze host-based logs to identify unauthorized access into systems that could indicate a breach.
  • Power Your Investigations: Join data from various sources to determine if a potential compromise has occurred.
  • Threat Hunting: Quickly search all of your logs for matches against indicators of compromise by utilizing Panther’s standardized data fields.
  • Achieve Compliance: Use built-in rules and policies as controls for SOC/PCI/HIPAA compliance.
  • Secure Cloud Resources: Automatically fix misconfigurations that can cause extreme damage.
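To make the "Python-based detection" and "detect unauthorized access" points concrete, here is an added example of a Panther-style rule over host login events; it is not code from the Panther project, and the event field names, allow lists and sample events are constructed assumptions (Panther's own interface is `rule(event)` returning True to alert, with optional `title(event)` and `dedup(event)`).

```python
"""Panther-style Python detection (added example, not from Panther's repo).
Assumptions: event field names, allow lists and sample events are constructed;
rule()/title()/dedup() follow Panther's rule interface."""
import ipaddress

# Constructed allow lists: accounts and networks expected to SSH into hosts.
ALLOWED_USERS = {"deploy", "ops"}
ALLOWED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8"),
                    ipaddress.ip_network("192.168.1.0/24")]

def _source_allowed(ip_text):
    """True when the source IP parses and falls inside an approved network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparsable source is treated as suspicious
    return any(ip in net for net in ALLOWED_NETWORKS)

def rule(event):
    """Alert on a successful SSH login by an unexpected user or from an
    unexpected network. Failed attempts are left to a separate brute-force rule."""
    if event.get("event_type") != "ssh_login" or event.get("result") != "accepted":
        return False
    return (event.get("user") not in ALLOWED_USERS
            or not _source_allowed(event.get("src_ip", "")))

def title(event):
    """Alert title shown to the analyst."""
    return "Unexpected SSH login: user=%s from %s on %s" % (
        event.get("user"), event.get("src_ip"), event.get("hostname"))

def dedup(event):
    """Collapse repeated alerts for the same user/host pair."""
    return "%s:%s" % (event.get("user"), event.get("hostname"))

def evaluate(events):
    """Run the rule over parsed events; returns the titles of alerts raised."""
    return [title(e) for e in events if rule(e)]

# Constructed sample events, shaped as a log parser would hand them to the rule.
SAMPLE_EVENTS = [
    {"event_type": "ssh_login", "result": "accepted", "user": "deploy",
     "src_ip": "10.1.2.3", "hostname": "web-01"},
    {"event_type": "ssh_login", "result": "failed", "user": "root",
     "src_ip": "203.0.113.9", "hostname": "web-01"},
    {"event_type": "ssh_login", "result": "accepted", "user": "root",
     "src_ip": "203.0.113.9", "hostname": "web-01"},
    {"event_type": "ssh_login", "result": "accepted", "user": "ops",
     "src_ip": "not-an-ip", "hostname": "db-02"},
]
```

Only the two accepted logins that break the allow lists produce alerts; the failed root attempt is ignored by this rule so it does not drown out the successful intrusion signal.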

You can read more and download this tool over here: https://github.com/panther-labs/panther
