Panther is an open source platform designed to bring security visibility at cloud-scale. It’s a modern and flexible solution to the challenges of collection, analysis, and retention of critical security data. Panther detects threats, improves cloud security posture, and powers investigations.

Some of the benefits with using this tool are:

• Analyze TBs of data per day
• Write flexible, Python-based, real-time detection
• Bootstrap your security data lake
• Simply deploy with infrastructure as code
• Secure, least-privilege, and encrypted infrastructure

Components included with this framework:

• Log Analysis for parsing, normalizing, and analyzing security data
• Cloud Security for identifying misconfigurations in AWS accounts
• Data Analytics for queries on collected log data, generated alerts, and normalized fields

Following are some of the common use-cases of Panther:

• Detect Unauthorized Access: Analyze host-based logs to identify unauthorized access into systems that could indicate a breach
• Power Your Investigations: Join data from various sources to determine if a potential compromise has occurred.
• Threat Hunting: Quickly search all of your logs for matches against indicators of compromise by utilizing Panther’s standardized data fields
• Achieve Compliance: Use built-in rules and policies as controls for SOC/PCI/HIPAA compliance
• Secure Cloud Resources: Automatically fix misconfigurations that can cause extreme damage

You can read more and download this tool over here: https://github.com/panther-labs/panther